SoftTree Technologies SoftTree Technologies
Technical Support Forums
RegisterSearchFAQMemberlistUsergroupsLog in
logon.exe on a VM of Windows Server 2003
Goto page Previous  1, 2, 3  Next
 
Reply to topic    SoftTree Technologies Forum Index » 24x7 Scheduler, Event Server, Automation Suite View previous topic
View next topic
logon.exe on a VM of Windows Server 2003
Author Message
SysOp
Site Admin


Joined: 26 Nov 2006
Posts: 6509

Post Reply with quote
Thank you. Can you try it with Symantec Endpoint Protection services stopped and disabled, you may need to restart the VM after changes.

Ps. Last line output is SNACNP::NPGetCaps::WNNC_START - which is the function enumerating and starting network servicre providers, more details here
http://msdn.microsoft.com/en-us/library/windows/desktop/aa378794(v=vs.85).aspx
Looks like it crashes while trying to load network providers
Wed Oct 26, 2011 10:11 am View user's profile Send private message
miande



Joined: 21 Oct 2011
Posts: 21
Country: United States

Post Reply with quote
On our XP box i see the username get set and the password get set from the login screen but with 2003 I never see the username or password fields on the login page get set. This is why I felt the logon.exe was not properly identifying these fields on the login screen. Am I right on this? Shouldn't I see these fields getting set on the login screen?

FYI I'm working to disable Symantec...
Wed Oct 26, 2011 10:31 am View user's profile Send private message
miande



Joined: 21 Oct 2011
Posts: 21
Country: United States

Post Reply with quote
Disabled Symantec but it did NOT log on correctly:

[\\AUTOMATION01]
00000001 0.00000000 [4028] SNACNP::NPGetCaps::WNNC_NET_TYPE
00000002 0.00003575 [4028] SNACNP::NPGetCaps::WNNC_USER
00000003 0.00004864 [4028] SNACNP::NPGetCaps::WNNC_CONNECTION
00000004 0.00005403 [4028] SNACNP::NPGetCaps::WNNC_ENUMERATION
00000005 0.00007145 [4028] SNACNP::NPGetCaps::WNNC_ADMIN
00000006 0.00008438 [4028] SNACNP::NPGetCaps::WNNC_DIALOG
00000007 0.00011673 [4028] SNACNP::NPLogonNotify!
00000008 0.00013073 [4028] WinSta0
00000009 0.00015233 [4028] SNACNP::NPLogonNotify done.
00000010 0.00272097 [372] USERENV(174.178) 10:08:28:063
00000011 0.00277545 [372] LoadUserProfile: Yes, we can impersonate the user. Running as self
00000012 0.00282852 [372]
00000013 0.00396680 [372] USERENV(174.178) 10:08:28:078
00000014 0.00402075 [372] =========================================================
00000015 0.00407321 [372]
00000016 0.00510476 [372] USERENV(174.178) 10:08:28:078
00000017 0.00516073 [372] LoadUserProfile: Entering, hToken = <0x75c>, lpProfileInfo = 0x6e5d8
00000018 0.00521425 [372]
00000019 0.00747502 [372] USERENV(174.178) 10:08:28:078
00000020 0.00753142 [372] LoadUserProfile: lpProfileInfo->dwFlags = <0x0>
00000021 0.00758463 [372]
00000022 0.00863004 [372] USERENV(174.178) 10:08:28:078
00000023 0.00868614 [372] LoadUserProfile: lpProfileInfo->lpUserName = <qcadmin>
00000024 0.00873883 [372]
00000025 0.00979433 [372] USERENV(174.178) 10:08:28:078
00000026 0.00985015 [372] LoadUserProfile: NULL central profile path
00000027 0.00990313 [372]
00000028 0.01094032 [372] USERENV(174.178) 10:08:28:078
00000029 0.01100190 [372] LoadUserProfile: lpProfileInfo->lpDefaultPath = <CWYIGDCCRPRW01>
00000030 0.01105486 [372]
00000031 0.01207225 [372] USERENV(174.178) 10:08:28:078
00000032 0.01212851 [372] LoadUserProfile: NULL server name
00000033 0.01218129 [372]
00000034 0.01323143 [372] USERENV(174.178) 10:08:28:078
00000035 0.01328721 [372] LoadUserProfile: In console winlogon process
00000036 0.01333991 [372]
00000037 0.01442384 [372] USERENV(174.178) 10:08:28:078
00000038 0.01447911 [372] In LoadUserProfileP
00000039 0.01453181 [372]
00000040 0.01557238 [372] USERENV(174.178) 10:08:28:078
00000041 0.01563068 [372] =========================================================
00000042 0.01568331 [372]
00000043 0.01673099 [372] USERENV(174.178) 10:08:28:078
00000044 0.01678799 [372] LoadUserProfile: Entering, hToken = <0x75c>, lpProfileInfo = 0x6e5d8
00000045 0.01684128 [372]
00000046 0.01790924 [372] USERENV(174.178) 10:08:28:078
00000047 0.01796453 [372] LoadUserProfile: lpProfileInfo->dwFlags = <0x0>
00000048 0.01801739 [372]
00000049 0.01917154 [372] USERENV(174.178) 10:08:28:094
00000050 0.01922717 [372] LoadUserProfile: lpProfileInfo->lpUserName = <qcadmin>
00000051 0.01927988 [372]
00000052 0.02049208 [372] USERENV(174.178) 10:08:28:094
00000053 0.02054410 [372] LoadUserProfile: NULL central profile path
00000054 0.02059622 [372]
00000055 0.02163374 [372] USERENV(174.178) 10:08:28:094
00000056 0.02169061 [372] LoadUserProfile: lpProfileInfo->lpDefaultPath = <CWYIGDCCRPRW01>
00000057 0.02174352 [372]
00000058 0.02278372 [372] USERENV(174.178) 10:08:28:094
00000059 0.02283874 [372] LoadUserProfile: NULL server name
00000060 0.02289177 [372]
00000061 0.02395463 [372] USERENV(174.178) 10:08:28:094
00000062 0.02401066 [372] LoadUserProfile: User sid: S-1-5-21-1935655697-1604221776-682003330-212752
00000063 0.02406370 [372]
00000064 0.02510804 [372] USERENV(174.178) 10:08:28:094
00000065 0.02516313 [372] CSyncManager::EnterLock <S>
00000066 0.02521593 [372]
00000067 0.02626513 [372] USERENV(174.178) 10:08:28:094
00000068 0.02632073 [372] CSyncManager::EnterLock: No existing entry found
00000069 0.02637632 [372]
00000070 0.02742239 [372] USERENV(174.178) 10:08:28:094
00000071 0.02747752 [372] CSyncManager::EnterLock: New entry created
00000072 0.02753007 [372]
00000073 0.02854495 [372] USERENV(174.178) 10:08:28:094
00000074 0.02860156 [372] CHashTable::HashAdd: S-1-5-21-1935655697-1604221776-682003330-212752 added in bucket 0
00000075 0.02865419 [372]
00000076 0.02973519 [372] USERENV(174.178) 10:08:28:094
00000077 0.02979518 [372] LoadUserProfile: Wait succeeded. In critical section.
00000078 0.02984789 [372]
00000079 0.03090742 [372] USERENV(174.178) 10:08:28:094
00000080 0.03096572 [372] TestIfUserProfileLoaded: Profile already loaded.
00000081 0.03101858 [372]
00000082 0.03213618 [372] USERENV(174.178) 10:08:28:094
00000083 0.03219578 [372] LoadUserClasses: classes hive already loaded.
00000084 0.03224771 [372]
00000085 0.03333463 [372] USERENV(174.178) 10:08:28:094
00000086 0.03339021 [372] Profile Ref Count is 2
00000087 0.03344282 [372]
00000088 0.03448045 [372] USERENV(174.178) 10:08:28:094
00000089 0.03454401 [372] LoadUserProfile: Leaving critical Section.
00000090 0.03459308 [372]
00000091 0.03563391 [372] USERENV(174.178) 10:08:28:109
00000092 0.03568982 [372] CSyncManager::LeaveLock <S>
00000093 0.03574257 [372]
00000094 0.03679777 [372] USERENV(174.178) 10:08:28:109
00000095 0.03685375 [372] CSyncManager::LeaveLock: Lock released
00000096 0.03691503 [372]
00000097 0.03796147 [372] USERENV(174.178) 10:08:28:109
00000098 0.03801715 [372] CHashTable::HashDelete: S-1-5-21-1935655697-1604221776-682003330-212752 deleted
00000099 0.03807247 [372]
00000100 0.03910518 [372] USERENV(174.178) 10:08:28:109
00000101 0.03916104 [372] CSyncManager::LeaveLock: Lock deleted
00000102 0.03921345 [372]
00000103 0.04030610 [372] USERENV(174.178) 10:08:28:109
00000104 0.04036275 [372] LoadUserProfile: Impersonated user: 0000075c, 00000000
00000105 0.04041574 [372]
00000106 0.04165337 [372] USERENV(174.178) 10:08:28:109
00000107 0.04170920 [372] LoadUserProfile: 002 About Reverted to user: 00000000
00000108 0.04176270 [372]
00000109 0.04282142 [372] USERENV(174.178) 10:08:28:109
00000110 0.04287740 [372] LoadUserProfile: Leaving with a value of 1.
00000111 0.04293348 [372]
00000112 0.04396571 [372] USERENV(174.178) 10:08:28:109
00000113 0.04402039 [372] =========================================================
00000114 0.04407281 [372]
00000115 0.04508932 [372] USERENV(174.178) 10:08:28:109
00000116 0.04514489 [372] LoadUserProfile: LoadUserProfileP succeeded
00000117 0.04519757 [372]
00000118 0.04625528 [372] USERENV(174.178) 10:08:28:109
00000119 0.04631122 [372] LoadUserProfile: Returning success. Final Information follows:
00000120 0.04636456 [372]
00000121 0.04740307 [372] USERENV(174.178) 10:08:28:109
00000122 0.04745942 [372] lpProfileInfo->UserName = <qcadmin>
00000123 0.04751205 [372]
00000124 0.04855472 [372] USERENV(174.178) 10:08:28:109
00000125 0.04860858 [372] lpProfileInfo->lpProfilePath = <null>
00000126 0.04866131 [372]
00000127 0.04969777 [372] USERENV(174.178) 10:08:28:109
00000128 0.04975856 [372] lpProfileInfo->dwFlags = 0x0
00000129 0.04981374 [372]
00000130 0.05088824 [372] USERENV(174.178) 10:08:28:125
00000131 0.05094371 [372] LoadUserProfile: Returning TRUE. hProfile = <0x69c>
00000132 0.05099654 [372]
00000133 0.06340597 [372] USERENV(174.178) 10:08:28:125
00000134 0.06344218 [372] IsSyncForegroundPolicyRefresh: Synchronous, Reason: policy set to SYNC
00000135 0.06349409 [372]
00000136 0.06464997 [372] USERENV(174.fc8) 10:08:28:125
00000137 0.06466547 [372] IsSyncForegroundPolicyRefresh: Synchronous, Reason: policy set to SYNC
00000138 0.06467928 [372]
00000139 0.06595995 [372] USERENV(174.fc8) 10:08:28:140
00000140 0.06597907 [372] ApplyGroupPolicy: Entering. Flags = 6
00000141 0.06599234 [372]
00000142 0.06697338 [372] USERENV(174.fc8) 10:08:28:140
00000143 0.06698912 [372] ApplyGroupPolicy: Duplicating handles
00000144 0.06700228 [372]
00000145 0.06802814 [372] USERENV(174.fc8) 10:08:28:140
00000146 0.06804388 [372] ProcessGPOs:
00000147 0.06805724 [372]
00000148 0.06901202 [372] USERENV(174.fc8) 10:08:28:140
00000149 0.06902771 [372] ProcessGPOs:
00000150 0.06904101 [372]
00000151 0.07000412 [372] USERENV(174.fc8) 10:08:28:140
00000152 0.07002099 [372] ProcessGPOs: Starting user Group Policy (Sync forground) processing...
00000153 0.07003409 [372]
00000154 0.07099422 [372] USERENV(174.fc8) 10:08:28:140
00000155 0.07100978 [372] ProcessGPOs:
00000156 0.07102280 [372]
00000157 0.07198075 [372] USERENV(174.fc8) 10:08:28:140
00000158 0.07199959 [372] ProcessGPOs:
00000159 0.07201357 [372]
00000160 0.07306218 [372] USERENV(174.fc8) 10:08:28:140
00000161 0.07308417 [372] EnterCriticalPolicySectionEx: Entering with timeout 600000 and flags 0x0
00000162 0.07309803 [372]
00000163 0.07409120 [372] USERENV(174.fc8) 10:08:28:140
00000164 0.07410857 [372] EnterCriticalPolicySectionEx: User critical section has been claimed. Handle = 0x87c
00000165 0.07412177 [372]
00000166 0.07510423 [372] USERENV(174.fc8) 10:08:28:140
00000167 0.07512051 [372] EnterCriticalPolicySectionEx: Leaving successfully.
00000168 0.07513336 [372]
00000169 0.07617676 [372] USERENV(174.fc8) 10:08:28:140
00000170 0.07619191 [372] ProcessGPOs: Machine role is 2.
00000171 0.07621700 [372]
00000172 0.44478348 [372] USERENV(174.fc8) 10:08:28:511
00000173 0.44481003 [372] PingComputer: PingBufferSize set as 2048
00000174 0.44482583 [372]
00000175 0.44634330 [372] USERENV(174.fc8) 10:08:28:511
00000176 0.44636011 [372] PingComputer: Adapter speed 1410065408 bps
00000177 0.44638035 [372]
00000178 0.45154357 [372] USERENV(174.fc8) 10:08:28:511
00000179 0.45155740 [372] PingComputer: First time: 4
00000180 0.45157233 [372]
00000181 0.45257461 [372] USERENV(174.fc8) 10:08:28:511
00000182 0.45259082 [372] PingComputer: Fast link. Exiting.
00000183 0.45260474 [372]
00000184 0.45359483 [372] USERENV(174.fc8) 10:08:28:511
00000185 0.45361319 [372] ProcessGPOs: User name is: CN=qcadmin - qcadmin,OU=Service Accounts,OU=Conway,OU=US,DC=Corp,DC=company,DC=net, Domain name is: CORP.company.NET
00000186 0.45362675 [372]
00000187 0.45463789 [372] USERENV(174.fc8) 10:08:28:511
00000188 0.45465529 [372] ProcessGPOs: Domain controller is: \\CWYSDDCCRPRO00.Corp.company.net Domain DN is CORP.company.NET
00000189 0.45466885 [372]
00000190 0.45580277 [372] USERENV(174.fc8) 10:08:28:511
00000191 0.45582038 [372] ReadGPExtensions: Rsop entry point not found for dskquota.dll.
00000192 0.45583388 [372]
00000193 0.45689860 [372] USERENV(174.fc8) 10:08:28:526
00000194 0.45691460 [372] ReadGPExtensions: Rsop entry point not found for gptext.dll.
00000195 0.45692778 [372]
00000196 0.45798960 [372] USERENV(174.fc8) 10:08:28:526
00000197 0.45800775 [372] ReadGPExtensions: Rsop entry point not found for C:\WINDOWS\system32\iedkcs32.dll.
00000198 0.45802113 [372]
00000199 0.45906129 [372] USERENV(174.fc8) 10:08:28:526
00000200 0.45907813 [372] ReadGPExtensions: Rsop entry point not found for C:\WINDOWS\system32\iedkcs32.dll.
00000201 0.45909148 [372]
00000202 0.46018878 [372] USERENV(174.fc8) 10:08:28:526
00000203 0.46020535 [372] ReadGPExtensions: Rsop entry point not found for scecli.dll.
00000204 0.46021861 [372]
00000205 0.46126196 [372] USERENV(174.fc8) 10:08:28:526
00000206 0.46127892 [372] ReadGPExtensions: Rsop entry point not found for C:\WINDOWS\System32\cscui.dll.
00000207 0.46129209 [372]
00000208 0.46236449 [372] USERENV(174.fc8) 10:08:28:526
00000209 0.46238706 [372] ReadGPExtensions: Rsop entry point not found for C:\WINDOWS\system32\iedkcs32.dll.
00000210 0.46240324 [372]
00000211 0.46347114 [372] USERENV(174.fc8) 10:08:28:526
00000212 0.46348846 [372] ReadExtStatus: Reading Previous Status for extension {35378EAC-683F-11D2-A89A-00C04FBBCFA2}
00000213 0.46350193 [372]
00000214 0.46591756 [372] USERENV(174.fc8) 10:08:28:526
00000215 0.46593431 [372] ReadStatus: Read Extension's Previous status successfully.
00000216 0.46594802 [372]
00000217 0.46696794 [372] USERENV(174.fc8) 10:08:28:526
00000218 0.46698526 [372] ReadExtStatus: Reading Previous Status for extension {0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}
00000219 0.46699890 [372]
00000220 0.46815452 [372] USERENV(174.fc8) 10:08:28:526
00000221 0.46817160 [372] ReadExtStatus: Reading Previous Status for extension {25537BA6-77A8-11D2-9B6C-0000F8080861}
00000222 0.46818519 [372]
00000223 0.46918342 [372] USERENV(174.fc8) 10:08:28:526
00000224 0.46920612 [372] ReadExtStatus: Reading Previous Status for extension {3610eda5-77ef-11d2-8dc5-00c04fa31a66}
00000225 0.46921986 [372]
00000226 0.47023636 [372] USERENV(174.fc8) 10:08:28:526
00000227 0.47027895 [372] ReadExtStatus: Reading Previous Status for extension {426031c0-0b47-4852-b0ca-ac3d37bfcb39}
00000228 0.47030437 [372]
00000229 0.47140390 [372] USERENV(174.fc8) 10:08:28:526
00000230 0.47142082 [372] ReadExtStatus: Reading Previous Status for extension {42B5FAAE-6536-11d2-AE5A-0000F87571E3}
00000231 0.47143447 [372]
00000232 0.47243571 [372] USERENV(174.fc8) 10:08:28:541
00000233 0.47245231 [372] ReadExtStatus: Reading Previous Status for extension {4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}
00000234 0.47246575 [372]
00000235 0.47343808 [372] USERENV(174.fc8) 10:08:28:541
00000236 0.47345522 [372] ReadExtStatus: Reading Previous Status for extension {7B849a69-220F-451E-B3FE-2CB811AF94AE}
00000237 0.47346857 [372]
00000238 0.47446674 [372] USERENV(174.fc8) 10:08:28:541
00000239 0.47448587 [372] ReadExtStatus: Reading Previous Status for extension {827D319E-6EAC-11D2-A4EA-00C04F79F83A}
00000240 0.47451141 [372]
00000241 0.47551030 [372] USERENV(174.fc8) 10:08:28:541
00000242 0.47552583 [372] ReadExtStatus: Reading Previous Status for extension {A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}
00000243 0.47553912 [372]
00000244 0.47652277 [372] USERENV(174.fc8) 10:08:28:541
00000245 0.47653982 [372] ReadExtStatus: Reading Previous Status for extension {B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}
00000246 0.47655347 [372]
00000247 0.47754321 [372] USERENV(174.fc8) 10:08:28:541
00000248 0.47756097 [372] ReadExtStatus: Reading Previous Status for extension {C631DF4C-088F-4156-B058-4375F0853CD8}
00000249 0.47757417 [372]
00000250 0.47857657 [372] USERENV(174.fc8) 10:08:28:541
00000251 0.47859332 [372] ReadExtStatus: Reading Previous Status for extension {c6dc5466-785a-11d2-84d0-00c04fb169f7}
00000252 0.47860682 [372]
00000253 0.47960636 [372] USERENV(174.fc8) 10:08:28:541
00000254 0.47962341 [372] ReadExtStatus: Reading Previous Status for extension {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
00000255 0.47963688 [372]
00000256 0.48060396 [372] USERENV(174.fc8) 10:08:28:541
00000257 0.48062104 [372] ReadExtStatus: Reading Previous Status for extension {e437bc1c-aa7d-11d2-a382-00c04f991e27}
00000258 0.48063433 [372]
00000259 0.48181233 [372] USERENV(174.fc8) 10:08:28:541
00000260 0.48182800 [372] ProcessGPOs: Calling GetGPOInfo for normal policy mode
00000261 0.48184156 [372]
00000262 0.48283800 [372] USERENV(174.fc8) 10:08:28:541
00000263 0.48285455 [372] GetGPOInfo: ********************************
00000264 0.48286775 [372]
00000265 0.48385343 [372] USERENV(174.fc8) 10:08:28:541
00000266 0.48387283 [372] GetGPOInfo: Entering...
00000267 0.48388749 [372]
00000268 0.48492980 [372] USERENV(174.fc8) 10:08:28:541
00000269 0.48494637 [372] GetGPOInfo: Server connection established.
00000270 0.48495975 [372]
00000271 0.77270591 [372] USERENV(174.fc8) 10:08:28:835
00000272 0.77272505 [372] GetGPOInfo: Bound successfully.
00000273 0.77274668 [372]
00000274 0.80328244 [372] USERENV(174.fc8) 10:08:28:866
00000275 0.80330396 [372] SearchDSObject: Searching <OU>
00000276 0.80332947 [372]
00000277 0.80435830 [372] USERENV(174.fc8) 10:08:28:866
00000278 0.80437493 [372] SearchDSObject: No GPO(s) for this object.
00000279 0.80438834 [372]
00000280 0.80537760 [372] USERENV(174.fc8) 10:08:28:866
00000281 0.80539489 [372] SearchDSObject: Searching <OU>
00000282 0.80540848 [372]
00000283 0.80637676 [372] USERENV(174.fc8) 10:08:28:866
00000284 0.80639327 [372] SearchDSObject: No GPO(s) for this object.
00000285 0.80640668 [372]
00000286 0.80739075 [372] USERENV(174.fc8) 10:08:28:866
00000287 0.80740809 [372] SearchDSObject: Searching <OU>
00000288 0.80742180 [372]
00000289 0.80844843 [372] USERENV(174.fc8) 10:08:28:866
00000290 0.80846846 [372] SearchDSObject: Found GPO(s): <LDAP>
00000291 0.80848926 [372]
00000292 0.80950195 [372] USERENV(174.fc8) 10:08:28:866
00000293 0.80952227 [372] ProcessGPO: ==============================
00000294 0.80953598 [372]
00000295 0.81053865 [372] USERENV(174.fc8) 10:08:28:866
00000296 0.81055659 [372] ProcessGPO: Deferring search for <LDAP>
00000297 0.81056994 [372]
00000298 0.81158388 [372] USERENV(174.fc8) 10:08:28:866
00000299 0.81159955 [372] ProcessGPO: ==============================
00000300 0.81161308 [372]
00000301 0.81260461 [372] USERENV(174.fc8) 10:08:28:866
00000302 0.81262255 [372] ProcessGPO: Deferring search for <LDAP>
00000303 0.81263602 [372]
00000304 0.81361341 [372] USERENV(174.fc8) 10:08:28:866
00000305 0.81363016 [372] ProcessGPO: ==============================
00000306 0.81364381 [372]
00000307 0.81464702 [372] USERENV(174.fc8) 10:08:28:866
00000308 0.81466424 [372] ProcessGPO: Deferring search for <LDAP>
00000309 0.81467754 [372]
00000310 0.81568646 [372] USERENV(174.fc8) 10:08:28:881
00000311 0.81570363 [372] SearchDSObject: Searching <DC>
00000312 0.81571734 [372]
00000313 0.81672132 [372] USERENV(174.fc8) 10:08:28:881
00000314 0.81676108 [372] SearchDSObject: Found GPO(s): <LDAP>
00000315 0.81680298 [372]
00000316 0.81785518 [372] USERENV(174.fc8) 10:08:28:881
00000317 0.81787211 [372] ProcessGPO: ==============================
00000318 0.81788588 [372]
00000319 0.81890714 [372] USERENV(174.fc8) 10:08:28:881
00000320 0.81892544 [372] ProcessGPO: Deferring search for <LDAP>
00000321 0.81893891 [372]
00000322 0.81995660 [372] USERENV(174.fc8) 10:08:28:881
00000323 0.81997329 [372] ProcessGPO: ==============================
00000324 0.81998676 [372]
00000325 0.82098430 [372] USERENV(174.fc8) 10:08:28:881
00000326 0.82100254 [372] ProcessGPO: Deferring search for <LDAP>
00000327 0.82101613 [372]
00000328 0.82201642 [372] USERENV(174.fc8) 10:08:28:881
00000329 0.82203352 [372] ProcessGPO: ==============================
00000330 0.82204700 [372]
00000331 0.82306528 [372] USERENV(174.fc8) 10:08:28:881
00000332 0.82308376 [372] ProcessGPO: Deferring search for <LDAP>
00000333 0.82309723 [372]
00000334 0.82410127 [372] USERENV(174.fc8) 10:08:28:881
00000335 0.82411796 [372] ProcessGPO: ==============================
00000336 0.82413149 [372]
00000337 0.82514507 [372] USERENV(174.fc8) 10:08:28:881
00000338 0.82516283 [372] ProcessGPO: Deferring search for <LDAP>
00000339 0.82517666 [372]
00000340 0.82619303 [372] USERENV(174.fc8) 10:08:28:881
00000341 0.82620943 [372] ProcessGPO: ==============================
00000342 0.82622296 [372]
00000343 0.82724047 [372] USERENV(174.fc8) 10:08:28:881
00000344 0.82725918 [372] ProcessGPO: Deferring search for <LDAP>
00000345 0.82727277 [372]
00000346 0.82827169 [372] USERENV(174.fc8) 10:08:28:881
00000347 0.82829106 [372] SearchDSObject: The link to GPO LDAP://cn={4399296C-5598-4723-95E6-159DCDF8D1F9},cn=policies,cn=system,DC=Corp,DC=company,DC=net is disabled. It will be skipped for processing.
00000348 0.82830459 [372]
00000349 0.82931620 [372] USERENV(174.fc8) 10:08:28:881
00000350 0.82933390 [372] ProcessGPO: ==============================
00000351 0.82934767 [372]
00000352 0.83039397 [372] USERENV(174.fc8) 10:08:28:881
00000353 0.83041215 [372] ProcessGPO: Deferring search for <LDAP>
00000354 0.83042586 [372]
00000355 0.83142930 [372] USERENV(174.fc8) 10:08:28:897
00000356 0.83144647 [372] SearchDSObject: The link to GPO LDAP://CN={6DAD7795-236F-45E3-8589-8B531094543B},CN=Policies,CN=System,DC=Corp,DC=company,DC=net is disabled. It will be skipped for processing.
00000357 0.83147383 [372]
00000358 0.83266342 [372] USERENV(174.fc8) 10:08:28:897
00000359 0.83267987 [372] ProcessGPO: ==============================
00000360 0.83269340 [372]
00000361 0.83370841 [372] USERENV(174.fc8) 10:08:28:897
00000362 0.83372563 [372] ProcessGPO: Deferring search for <LDAP>
00000363 0.83374292 [372]
00000364 0.83474052 [372] USERENV(174.fc8) 10:08:28:897
00000365 0.83475769 [372] ProcessGPO: ==============================
00000366 0.83477199 [372]
00000367 0.83575910 [372] USERENV(174.fc8) 10:08:28:897
00000368 0.83577728 [372] ProcessGPO: Deferring search for <LDAP>
00000369 0.83579075 [372]
00000370 0.83679008 [372] USERENV(174.fc8) 10:08:28:897
00000371 0.83680731 [372] ProcessGPO: ==============================
00000372 0.83682078 [372]
00000373 0.83781028 [372] USERENV(174.fc8) 10:08:28:897
00000374 0.83782881 [372] ProcessGPO: Deferring search for <LDAP>
00000375 0.83784223 [372]
00000376 0.83884555 [372] USERENV(174.fc8) 10:08:28:897
00000377 0.83886260 [372] ProcessGPO: ==============================
00000378 0.83887625 [372]
00000379 0.84095407 [372] USERENV(174.fc8) 10:08:28:897
00000380 0.84097153 [372] ProcessGPO: Deferring search for <LDAP>
00000381 0.84098536 [372]
00000382 0.84200794 [372] USERENV(174.fc8) 10:08:28:897
00000383 0.84202355 [372] ProcessGPO: ==============================
00000384 0.84203702 [372]
00000385 0.84304410 [372] USERENV(174.fc8) 10:08:28:897
00000386 0.84306180 [372] ProcessGPO: Deferring search for <LDAP>
00000387 0.84307516 [372]
00000388 0.84406108 [372] USERENV(174.fc8) 10:08:28:897
00000389 0.84407681 [372] ProcessGPO: ==============================
00000390 0.84409034 [372]
00000391 0.84565723 [372] USERENV(174.fc8) 10:08:28:897
00000392 0.84567422 [372] ProcessGPO: Deferring search for <LDAP>
00000393 0.84568769 [372]
00000394 0.98091584 [372] USERENV(174.fc8) 10:08:29:035
00000395 0.98097616 [372] SearchDSObject: Searching <CN>
00000396 0.98102808 [372]
00000397 0.98694146 [372] USERENV(174.fc8) 10:08:29:035
00000398 0.98695707 [372] SearchDSObject: No GPO(s) for this object.
00000399 0.98697084 [372]
00000400 0.98814142 [372] USERENV(174.fc8) 10:08:29:051
00000401 0.98815894 [372] EvaluateDeferredGPOs: Searching for GPOs in cn=policies,cn=system,DC=Corp,DC=company,DC=net
00000402 0.98817247 [372]
00000403 1.21769023 [372] USERENV(174.fc8) 10:08:29:267
00000404 1.21770978 [372] ProcessGPO: ==============================
00000405 1.21772408 [372]
00000406 1.21891928 [372] USERENV(174.fc8) 10:08:29:267
00000407 1.21893680 [372] ProcessGPO: Searching <cn>
00000408 1.21895051 [372]
00000409 1.21999121 [372] USERENV(174.fc8) 10:08:29:267
00000410 1.22000754 [372] ProcessGPO: User has access to this GPO.
00000411 1.22003448 [372]
00000412 1.22105634 [372] USERENV(174.fc8) 10:08:29:267
00000413 1.22107255 [372] ProcessGPO: GPO passes the filter check.
00000414 1.22108614 [372]
00000415 1.22208059 [372] USERENV(174.fc8) 10:08:29:282
00000416 1.22209787 [372] ProcessGPO: Found functionality version of: 2
00000417 1.22211158 [372]
00000418 1.22312534 [372] USERENV(174.fc8) 10:08:29:282
00000419 1.22314310 [372] ProcessGPO: Found file system path of: <Corp>
00000420 1.22315669 [372]
00000421 1.39298534 [372] USERENV(174.fc8) 10:08:29:437
00000422 1.39301324 [372] ProcessGPO: Found common name of: <05BC4B42>
00000423 1.39302945 [372]
00000424 1.39418221 [372] USERENV(174.fc8) 10:08:29:452
00000425 1.39420664 [372] ProcessGPO: Found display name of: <Block>
00000426 1.39422226 [372]
00000427 1.39526129 [372] USERENV(174.fc8) 10:08:29:452
00000428 1.39529896 [372] ProcessGPO: Found user version of: GPC is 0, GPT is 0
00000429 1.39532971 [372]
00000430 1.39635384 [372] USERENV(174.fc8) 10:08:29:452
00000431 1.39636743 [372] ProcessGPO: Found flags of: 0
00000432 1.39637268 [372]
00000433 1.39741683 [372] USERENV(174.fc8) 10:08:29:452
00000434 1.39743280 [372] ProcessGPO: No client-side extensions for this object.
00000435 1.39744616 [372]
00000436 1.39842069 [372] USERENV(174.fc8) 10:08:29:452
00000437 1.39843833 [372] ProcessGPO: GPO Block IE7 doesn't contain any data since the version number is 0. It will be skipped.
00000438 1.39845133 [372]
00000439 1.39945304 [372] USERENV(174.fc8) 10:08:29:452
00000440 1.39946914 [372] ProcessGPO: ==============================
00000441 1.39948249 [372]
00000442 1.40047932 [372] USERENV(174.fc8) 10:08:29:452
00000443 1.40049541 [372] ProcessGPO: ==============================
00000444 1.40050852 [372]
00000445 1.40150177 [372] USERENV(174.fc8) 10:08:29:452
00000446 1.40151870 [372] ProcessGPO: Searching <CN>
00000447 1.40153193 [372]
00000448 1.40256941 [372] USERENV(174.fc8) 10:08:29:452
00000449 1.40258539 [372] ProcessGPO: User has access to this GPO.
00000450 1.40259874 [372]
00000451 1.40359318 [372] USERENV(174.fc8) 10:08:29:452
00000452 1.40361035 [372] ProcessGPO: GPO passes the filter check.
00000453 1.40362382 [372]
00000454 1.40461361 [372] USERENV(174.fc8) 10:08:29:452
00000455 1.40463209 [372] ProcessGPO: Found functionality version of: 2
00000456 1.40464580 [372]
00000457 1.40563095 [372] USERENV(174.fc8) 10:08:29:452
00000458 1.40564907 [372] ProcessGPO: Found file system path of: <Corp>
00000459 1.40566254 [372]
00000460 1.41204035 [372] USERENV(174.fc8) 10:08:29:468
00000461 1.41205740 [372] ProcessGPO: Found common name of: <21AE63F3>
00000462 1.41207087 [372]
00000463 1.41308832 [372] USERENV(174.fc8) 10:08:29:468
00000464 1.41310453 [372] ProcessGPO: Found display name of: <XP>
00000465 1.41311789 [372]
00000466 1.41416192 [372] USERENV(174.fc8) 10:08:29:468
00000467 1.41417992 [372] ProcessGPO: Found user version of: GPC is 0, GPT is 0
00000468 1.41419339 [372]
00000469 1.41520417 [372] USERENV(174.fc8) 10:08:29:468
00000470 1.41522074 [372] ProcessGPO: Found flags of: 0
00000471 1.41523409 [372]
00000472 1.41622937 [372] USERENV(174.fc8) 10:08:29:468
00000473 1.41624653 [372] ProcessGPO: No client-side extensions for this object.
00000474 1.41625988 [372]
00000475 1.41725600 [372] USERENV(174.fc8) 10:08:29:468
00000476 1.41727400 [372] ProcessGPO: GPO XP Firewall doesn't contain any data since the version number is 0. It will be skipped.
00000477 1.41730070 [372]
00000478 1.41828704 [372] USERENV(174.fc8) 10:08:29:468
00000479 1.41830397 [372] ProcessGPO: ==============================
00000480 1.41831756 [372]
00000481 1.41935170 [372] USERENV(174.fc8) 10:08:29:468
00000482 1.41936743 [372] ProcessGPO: ==============================
00000483 1.41938055 [372]
00000484 1.42037177 [372] USERENV(174.fc8) 10:08:29:468
00000485 1.42038918 [372] ProcessGPO: Searching <cn>
00000486 1.42040288 [372]
00000487 1.42140937 [372] USERENV(174.fc8) 10:08:29:468
00000488 1.42142594 [372] ProcessGPO: User has access to this GPO.
00000489 1.42143917 [372]
00000490 1.42244387 [372] USERENV(174.fc8) 10:08:29:468
00000491 1.42246032 [372] ProcessGPO: GPO passes the filter check.
00000492 1.42247355 [372]
00000493 1.42349017 [372] USERENV(174.fc8) 10:08:29:468
00000494 1.42350662 [372] ProcessGPO: Found functionality version of: 2
00000495 1.42352009 [372]
00000496 1.42452335 [372] USERENV(174.fc8) 10:08:29:468
00000497 1.42454255 [372] ProcessGPO: Found file system path of: <Corp>
00000498 1.42455459 [372]
00000499 1.43080986 [372] USERENV(174.fc8) 10:08:29:483
00000500 1.43082631 [372] ProcessGPO: Found common name of: <0F9971EC>
00000501 1.43084013 [372]
00000502 1.43184495 [372] USERENV(174.fc8) 10:08:29:483
00000503 1.43186176 [372] ProcessGPO: Found display name of: <ScreenSaver>
00000504 1.43187511 [372]
00000505 1.43286717 [372] USERENV(174.fc8) 10:08:29:483
00000506 1.43288279 [372] ProcessGPO: Found user version of: GPC is 3, GPT is 3
00000507 1.43289626 [372]
00000508 1.43388164 [372] USERENV(174.fc8) 10:08:29:483
00000509 1.43389833 [372] ProcessGPO: Found flags of: 0
00000510 1.43391180 [372]
00000511 1.43491590 [372] USERENV(174.fc8) 10:08:29:483
00000512 1.43493295 [372] ProcessGPO: Found extensions: [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
00000513 1.43494630 [372]
00000514 1.43595409 [372] USERENV(174.fc8) 10:08:29:483
00000515 1.43597054 [372] ProcessGPO: ==============================
00000516 1.43598390 [372]
00000517 1.43699908 [372] USERENV(174.fc8) 10:08:29:483
00000518 1.43701518 [372] ProcessGPO: ==============================
00000519 1.43702865 [372]
00000520 1.43803346 [372] USERENV(174.fc8) 10:08:29:483
00000521 1.43805075 [372] ProcessGPO: Searching <cn>
00000522 1.43806434 [372]
00000523 1.43906474 [372] USERENV(174.fc8) 10:08:29:483
00000524 1.43908083 [372] ProcessGPO: User has access to this GPO.
00000525 1.43909419 [372]
00000526 1.44012618 [372] USERENV(174.fc8) 10:08:29:483
00000527 1.44014311 [372] ProcessGPO: GPO passes the filter check.
00000528 1.44015718 [372]
00000529 1.44130015 [372] USERENV(174.fc8) 10:08:29:499
00000530 1.44131672 [372] ProcessGPO: Found functionality version of: 2
00000531 1.44133055 [372]
00000532 1.44232070 [372] USERENV(174.fc8) 10:08:29:499
00000533 1.44233882 [372] ProcessGPO: Found file system path of: <Corp>
00000534 1.44235241 [372]
00000535 1.44832802 [372] USERENV(174.fc8) 10:08:29:499
00000536 1.44834459 [372] ProcessGPO: Found common name of: <5D5E363C>
00000537 1.44835818 [372]
00000538 1.44937050 [372] USERENV(174.fc8) 10:08:29:499
00000539 1.44938707 [372] ProcessGPO: Found display name of: <Qakbot>
00000540 1.44940078 [372]
00000541 1.45038700 [372] USERENV(174.fc8) 10:08:29:499
00000542 1.45040417 [372] ProcessGPO: Found user version of: GPC is 0, GPT is 0
00000543 1.45041788 [372]
00000544 1.45139027 [372] USERENV(174.fc8) 10:08:29:499
00000545 1.45140672 [372] ProcessGPO: Found flags of: 0
00000546 1.45142031 [372]
00000547 1.45241070 [372] USERENV(174.fc8) 10:08:29:499
00000548 1.45242727 [372] ProcessGPO: No client-side extensions for this object.
00000549 1.45244074 [372]
00000550 1.45341754 [372] USERENV(174.fc8) 10:08:29:499
00000551 1.45343494 [372] ProcessGPO: GPO Qakbot Virus - Disable AutoRun doesn't contain any data since the version number is 0. It will be skipped.
00000552 1.45344853 [372]
00000553 1.45442390 [372] USERENV(174.fc8) 10:08:29:499
00000554 1.45444238 [372] ProcessGPO: ==============================
00000555 1.45446885 [372]
00000556 1.45546854 [372] USERENV(174.fc8) 10:08:29:499
00000557 1.45548439 [372] ProcessGPO: ==============================
00000558 1.45549750 [372]
00000559 1.45649338 [372] USERENV(174.fc8) 10:08:29:514
00000560 1.45651042 [372] ProcessGPO: Searching <cn>
00000561 1.45652413 [372]
00000562 1.45754743 [372] USERENV(174.fc8) 10:08:29:514
00000563 1.45756328 [372] ProcessGPO: User has access to this GPO.
00000564 1.45757663 [372]
00000565 1.45855212 [372] USERENV(174.fc8) 10:08:29:514
00000566 1.45856833 [372] ProcessGPO: GPO passes the filter check.
00000567 1.45858204 [372]
00000568 1.45956659 [372] USERENV(174.fc8) 10:08:29:514
00000569 1.45958340 [372] ProcessGPO: Found functionality version of: 2
00000570 1.45959687 [372]
00000571 1.46059191 [372] USERENV(174.fc8) 10:08:29:514
00000572 1.46060979 [372] ProcessGPO: Found file system path of: <Corp>
00000573 1.46062362 [372]
00000574 1.46668398 [372] USERENV(174.fc8) 10:08:29:514
00000575 1.46670687 [372] ProcessGPO: Found common name of: <D9346214>
00000576 1.46672773 [372]
00000577 1.46784270 [372] USERENV(174.fc8) 10:08:29:514
00000578 1.46785939 [372] ProcessGPO: Found display name of: <Wireless>
00000579 1.46787298 [372]
00000580 1.46889400 [372] USERENV(174.fc8) 10:08:29:514
00000581 1.46890903 [372] ProcessGPO: Found user version of: GPC is 0, GPT is 0
00000582 1.46892285 [372]
00000583 1.46992862 [372] USERENV(174.fc8) 10:08:29:514
00000584 1.46994495 [372] ProcessGPO: Found flags of: 0
00000585 1.46995854 [372]
00000586 1.47099102 [372] USERENV(174.fc8) 10:08:29:514
00000587 1.47101629 [372] ProcessGPO: No client-side extensions for this object.
00000588 1.47103226 [372]
00000589 1.47203279 [372] USERENV(174.fc8) 10:08:29:530
00000590 1.47205031 [372] ProcessGPO: GPO Wireless Security Policy doesn't contain any data since the version number is 0. It will be skipped.
00000591 1.47206378 [372]
00000592 1.47312260 [372] USERENV(174.fc8) 10:08:29:530
00000593 1.47313905 [372] ProcessGPO: ==============================
00000594 1.47315300 [372]
00000595 1.47415459 [372] USERENV(174.fc8) 10:08:29:530
00000596 1.47417128 [372] ProcessGPO: ==============================
00000597 1.47420108 [372]
00000598 1.47520602 [372] USERENV(174.fc8) 10:08:29:530
00000599 1.47522342 [372] ProcessGPO: Searching <cn>
00000600 1.47523689 [372]
00000601 1.47628343 [372] USERENV(174.fc8) 10:08:29:530
00000602 1.47630703 [372] ProcessGPO: User has access to this GPO.
00000603 1.47632766 [372]
00000604 1.47735357 [372] USERENV(174.fc8) 10:08:29:530
00000605 1.47736931 [372] ProcessGPO: GPO passes the filter check.
00000606 1.47738278 [372]
00000607 1.47839212 [372] USERENV(174.fc8) 10:08:29:530
00000608 1.47840893 [372] ProcessGPO: Found functionality version of: 2
00000609 1.47842252 [372]
00000610 1.47941363 [372] USERENV(174.fc8) 10:08:29:530
00000611 1.47943199 [372] ProcessGPO: Found file system path of: <Corp>
00000612 1.47944558 [372]
00000613 1.48548925 [372] USERENV(174.fc8) 10:08:29:530
00000614 1.48550570 [372] ProcessGPO: Found common name of: <8100E18E>
00000615 1.48551941 [372]
00000616 1.48653197 [372] USERENV(174.fc8) 10:08:29:530
00000617 1.48654902 [372] ProcessGPO: Found display name of: <ACX>
00000618 1.48656261 [372]
00000619 1.48756409 [372] USERENV(174.fc8) 10:08:29:545
00000620 1.48758101 [372] ProcessGPO: Found user version of: GPC is 0, GPT is 0
00000621 1.48759496 [372]
00000622 1.48860288 [372] USERENV(174.fc8) 10:08:29:545
00000623 1.48861897 [372] ProcessGPO: Found flags of: 0
00000624 1.48863280 [372]
00000625 1.48966014 [372] USERENV(174.fc8) 10:08:29:545
00000626 1.48967671 [372] ProcessGPO: No client-side extensions for this object.
00000627 1.48969007 [372]
00000628 1.49071181 [372] USERENV(174.fc8) 10:08:29:545
00000629 1.49073017 [372] ProcessGPO: GPO ACX Trusted Root Certificate Authorities doesn't contain any data since the version number is 0. It will be skipped.
00000630 1.49074376 [372]
00000631 1.49172914 [372] USERENV(174.fc8) 10:08:29:545
00000632 1.49174571 [372] ProcessGPO: ==============================
00000633 1.49175942 [372]
00000634 1.49275565 [372] USERENV(174.fc8) 10:08:29:545
00000635 1.49277413 [372] EvalList: Object <cn> cannot be accessed
00000636 1.49278760 [372]
00000637 1.49378145 [372] USERENV(174.fc8) 10:08:29:545
00000638 1.49379802 [372] ProcessGPO: ==============================
00000639 1.49381137 [372]
00000640 1.49480999 [372] USERENV(174.fc8) 10:08:29:545
00000641 1.49484849 [372] ProcessGPO: Searching <cn>
00000642 1.49487293 [372]
00000643 1.49589837 [372] USERENV(174.fc8) 10:08:29:545
00000644 1.49591422 [372] ProcessGPO: User has access to this GPO.
00000645 1.49592793 [372]
00000646 1.49694312 [372] USERENV(174.fc8) 10:08:29:545
00000647 1.49695981 [372] ProcessGPO: GPO passes the filter check.
00000648 1.49697328 [372]
00000649 1.49797821 [372] USERENV(174.fc8) 10:08:29:545
00000650 1.49799073 [372] ProcessGPO: Found functionality version of: 2
00000651 1.49800968 [372]
00000652 1.49903870 [372] USERENV(174.fc8) 10:08:29:545
00000653 1.49905634 [372] ProcessGPO: Found file system path of: <Corp>
00000654 1.49907017 [372]
00000655 1.50518930 [372] USERENV(174.fc8) 10:08:29:560
00000656 1.50520575 [372] ProcessGPO: Found common name of: <74692FFF>
00000657 1.50521958 [372]
00000658 1.50622380 [372] USERENV(174.fc8) 10:08:29:560
00000659 1.50624084 [372] ProcessGPO: Found display name of: <Offie2003>
00000660 1.50625432 [372]
00000661 1.50725436 [372] USERENV(174.fc8) 10:08:29:560
00000662 1.50727177 [372] ProcessGPO: Found user version of: GPC is 3, GPT is 3
00000663 1.50728524 [372]
00000664 1.50845301 [372] USERENV(174.fc8) 10:08:29:560
00000665 1.50846982 [372] ProcessGPO: Found flags of: 0
00000666 1.50848937 [372]
00000667 1.50950933 [372] USERENV(174.fc8) 10:08:29:560
00000668 1.50952661 [372] ProcessGPO: Found extensions: [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
00000669 1.50954008 [372]
00000670 1.51055217 [372] USERENV(174.fc8) 10:08:29:560
00000671 1.51056826 [372] ProcessGPO: ==============================
00000672 1.51058197 [372]
00000673 1.51159048 [372] USERENV(174.fc8) 10:08:29:560
00000674 1.51160371 [372] ProcessGPO: ==============================
00000675 1.51161730 [372]
00000676 1.51260734 [372] USERENV(174.fc8) 10:08:29:560
00000677 1.51262486 [372] ProcessGPO: Searching <cn>
00000678 1.51263833 [372]
00000679 1.51366651 [372] USERENV(174.fc8) 10:08:29:560
00000680 1.51368368 [372] ProcessGPO: User does not have access to the GPO and so will not be applied.
00000681 1.51369762 [372]
00000682 1.51470339 [372] USERENV(174.fc8) 10:08:29:560
00000683 1.51472044 [372] ProcessGPO: Found functionality version of: 2
00000684 1.51473391 [372]
00000685 1.51574719 [372] USERENV(174.fc8) 10:08:29:560
00000686 1.51576555 [372] ProcessGPO: Found file system path of: <Corp>
00000687 1.51577938 [372]
00000688 1.51678312 [372] USERENV(174.fc8) 10:08:29:560
00000689 1.51680005 [372] ProcessGPO: Sysvol access skipped because GPO is not getting applied.
00000690 1.51681352 [372]
00000691 1.51781881 [372] USERENV(174.fc8) 10:08:29:560
00000692 1.51783574 [372] ProcessGPO: Found common name of: <D3C2DEF4>
00000693 1.51784945 [372]
00000694 1.51887178 [372] USERENV(174.fc8) 10:08:29:576
00000695 1.51888883 [372] ProcessGPO: Found display name of: <ScreenSaver>
00000696 1.51890230 [372]
00000697 1.51990449 [372] USERENV(174.fc8) 10:08:29:576
00000698 1.51992226 [372] ProcessGPO: Found user version of: GPC is 3, GPT is 65535
00000699 1.51993573 [372]
00000700 1.52093887 [372] USERENV(174.fc8) 10:08:29:576
00000701 1.52095509 [372] ProcessGPO: Found flags of: 0
00000702 1.52096856 [372]
00000703 1.52197433 [372] USERENV(174.fc8) 10:08:29:576
00000704 1.52199209 [372] ProcessGPO: Found extensions: [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
00000705 1.52201843 [372]
00000706 1.52303708 [372] USERENV(174.fc8) 10:08:29:576
00000707 1.52305365 [372] ProcessGPO: ==============================
00000708 1.52306712 [372]
00000709 1.52407730 [372] USERENV(174.fc8) 10:08:29:576
00000710 1.52409303 [372] ProcessGPO: ==============================
00000711 1.52411258 [372]
00000712 1.52517426 [372] USERENV(174.fc8) 10:08:29:576
00000713 1.52518928 [372] ProcessGPO: Searching <CN>
00000714 1.52520251 [372]
00000715 1.52622378 [372] USERENV(174.fc8) 10:08:29:576
00000716 1.52624106 [372] ProcessGPO: User does not have access to the GPO and so will not be applied.
00000717 1.52625453 [372]
00000718 1.52726209 [372] USERENV(174.fc8) 10:08:29:576
00000719 1.52727866 [372] ProcessGPO: Found functionality version of: 2
00000720 1.52729237 [372]
00000721 1.52829802 [372] USERENV(174.fc8) 10:08:29:576
00000722 1.52831578 [372] ProcessGPO: Found file system path of: <Corp>
00000723 1.52832949 [372]
00000724 1.52935386 [372] USERENV(174.fc8) 10:08:29:576
00000725 1.52937150 [372] ProcessGPO: Sysvol access skipped because GPO is not getting applied.
00000726 1.52938509 [372]
00000727 1.53039742 [372] USERENV(174.fc8) 10:08:29:576
00000728 1.53041518 [372] ProcessGPO: Found common name of: <2098B5A8>
00000729 1.53042865 [372]
00000730 1.53143907 [372] USERENV(174.fc8) 10:08:29:576
00000731 1.53145659 [372] ProcessGPO: Found display name of: <Laptop>
00000732 1.53147006 [372]
00000733 1.53247929 [372] USERENV(174.fc8) 10:08:29:576
00000734 1.53249729 [372] ProcessGPO: Found user version of: GPC is 0, GPT is 65535
00000735 1.53251076 [372]
00000736 1.53352308 [372] USERENV(174.fc8) 10:08:29:576
00000737 1.53354084 [372] ProcessGPO: Found flags of: 0
00000738 1.53355491 [372]
00000739 1.53457141 [372] USERENV(174.fc8) 10:08:29:591
00000740 1.53458834 [372] ProcessGPO: No client-side extensions for this object.
00000741 1.53460217 [372]
00000742 1.53561723 [372] USERENV(174.fc8) 10:08:29:591
00000743 1.53563344 [372] ProcessGPO: ==============================
00000744 1.53564715 [372]
00000745 1.53664446 [372] USERENV(174.fc8) 10:08:29:591
00000746 1.53666067 [372] ProcessGPO: ==============================
00000747 1.53667414 [372]
00000748 1.53765488 [372] USERENV(174.fc8) 10:08:29:591
00000749 1.53767300 [372] ProcessGPO: Searching <CN>
00000750 1.53768671 [372]
00000751 1.53869927 [372] USERENV(174.fc8) 10:08:29:591
00000752 1.53872025 [372] ProcessGPO: User does not have access to the GPO and so will not be applied.
00000753 1.53873396 [372]
00000754 1.53973901 [372] USERENV(174.fc8) 10:08:29:591
00000755 1.53975654 [372] ProcessGPO: Found functionality version of: 2
00000756 1.53977001 [372]
00000757 1.54075778 [372] USERENV(174.fc8) 10:08:29:591
00000758 1.54077649 [372] ProcessGPO: Found file system path of: <Corp>
00000759 1.54078996 [372]
00000760 1.54175901 [372] USERENV(174.fc8) 10:08:29:591
00000761 1.54177630 [372] ProcessGPO: Sysvol access skipped because GPO is not getting applied.
00000762 1.54179001 [372]
00000763 1.54278791 [372] USERENV(174.fc8) 10:08:29:591
00000764 1.54280543 [372] ProcessGPO: Found common name of: <68DF9853>
00000765 1.54281902 [372]
00000766 1.54381192 [372] USERENV(174.fc8) 10:08:29:591
00000767 1.54382944 [372] ProcessGPO: Found display name of: <Help>
00000768 1.54384327 [372]
00000769 1.54482973 [372] USERENV(174.fc8) 10:08:29:591
00000770 1.54484773 [372] ProcessGPO: Found user version of: GPC is 32, GPT is 65535
00000771 1.54486144 [372]
00000772 1.54589927 [372] USERENV(174.fc8) 10:08:29:591
00000773 1.54591668 [372] ProcessGPO: Found flags of: 0
00000774 1.54593050 [372]
00000775 1.54692483 [372] USERENV(174.fc8) 10:08:29:591
00000776 1.54694331 [372] ProcessGPO: Found extensions: [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
00000777 1.54695714 [372]
00000778 1.54794753 [372] USERENV(174.fc8) 10:08:29:591
00000779 1.54796493 [372] ProcessGPO: ==============================
00000780 1.54797864 [372]
00000781 1.54894793 [372] USERENV(174.fc8) 10:08:29:591
00000782 1.54896486 [372] ProcessGPO: ==============================
00000783 1.54897857 [372]
00000784 1.55006635 [372] USERENV(174.fc8) 10:08:29:607
00000785 1.55008209 [372] ProcessGPO: Searching <CN>
00000786 1.55009592 [372]
00000787 1.55110347 [372] USERENV(174.fc8) 10:08:29:607
00000788 1.55112040 [372] ProcessGPO: User has access to this GPO.
00000789 1.55113423 [372]
00000790 1.55212867 [372] USERENV(174.fc8) 10:08:29:607
00000791 1.55214441 [372] ProcessGPO: GPO passes the filter check.
00000792 1.55215788 [372]
00000793 1.55317843 [372] USERENV(174.fc8) 10:08:29:607
00000794 1.55319607 [372] ProcessGPO: Found functionality version of: 2
00000795 1.55320966 [372]
00000796 1.55422616 [372] USERENV(174.fc8) 10:08:29:607
00000797 1.55424345 [372] ProcessGPO: Found file system path of: <Corp>
00000798 1.55425715 [372]
00000799 1.56112373 [372] USERENV(174.fc8) 10:08:29:607
00000800 1.56114054 [372] ProcessGPO: Found common name of: <31B2F340>
00000801 1.56115437 [372]
00000802 1.56214964 [372] USERENV(174.fc8) 10:08:29:607
00000803 1.56216705 [372] ProcessGPO: Found display name of: <Default>
00000804 1.56218350 [372]
00000805 1.56318545 [372] USERENV(174.fc8) 10:08:29:607
00000806 1.56320119 [372] ProcessGPO: Found user version of: GPC is 1, GPT is 1
00000807 1.56321466 [372]
00000808 1.56420028 [372] USERENV(174.fc8) 10:08:29:607
00000809 1.56421638 [372] ProcessGPO: Found flags of: 0
00000810 1.56422985 [372]
00000811 1.56521904 [372] USERENV(174.fc8) 10:08:29:607
00000812 1.56523633 [372] ProcessGPO: Found extensions: [{3060E8D0-7020-11D2-842D-00C04FA372D4}{3060E8CE-7020-11D2-842D-00C04FA372D4}]
00000813 1.56524980 [372]
00000814 1.56626046 [372] USERENV(174.fc8) 10:08:29:622
00000815 1.56627643 [372] ProcessGPO: ==============================
00000816 1.56629801 [372]
00000817 1.56729150 [372] USERENV(174.fc8) 10:08:29:622
00000818 1.56730974 [372] EvalList: Object <cn> cannot be accessed
00000819 1.56732321 [372]
00000820 1.56830513 [372] USERENV(174.fc8) 10:08:29:622
00000821 1.56832337 [372] EvalList: Object <cn> cannot be accessed
00000822 1.56833696 [372]
00000823 1.56931341 [372] USERENV(174.fc8) 10:08:29:622
00000824 1.56932986 [372] ProcessGPO: ==============================
00000825 1.56934345 [372]
00000826 1.57032788 [372] USERENV(174.fc8) 10:08:29:622
00000827 1.57034612 [372] ProcessGPO: Searching <CN>
00000828 1.57035959 [372]
00000829 1.57136786 [372] USERENV(174.fc8) 10:08:29:622
00000830 1.57138467 [372] ProcessGPO: User has access to this GPO.
00000831 1.57139826 [372]
00000832 1.57242417 [372] USERENV(174.fc8) 10:08:29:622
00000833 1.57244086 [372] ProcessGPO: GPO passes the filter check.
00000834 1.57245433 [372]
00000835 1.57344210 [372] USERENV(174.fc8) 10:08:29:622
00000836 1.57345939 [372] ProcessGPO: Found functionality version of: 2
00000837 1.57347286 [372]
00000838 1.57450068 [372] USERENV(174.fc8) 10:08:29:622
00000839 1.57451606 [372] ProcessGPO: Found file system path of: <Corp>
00000840 1.57452953 [372]
00000841 1.58031833 [372] USERENV(174.fc8) 10:08:29:622
00000842 1.58033526 [372] ProcessGPO: Found common name of: <2D8F2332>
00000843 1.58034873 [372]
00000844 1.58130062 [372] USERENV(174.fc8) 10:08:29:638
00000845 1.58131242 [372] ProcessGPO: Found display name of: <Policy>
00000846 1.58132446 [372]
00000847 1.58233583 [372] USERENV(174.fc8) 10:08:29:638
00000848 1.58235288 [372] ProcessGPO: Found user version of: GPC is 0, GPT is 0
00000849 1.58236647 [372]
00000850 1.58334827 [372] USERENV(174.fc8) 10:08:29:638
00000851 1.58336496 [372] ProcessGPO: Found flags of: 0
00000852 1.58337843 [372]
00000853 1.58437228 [372] USERENV(174.fc8) 10:08:29:638
00000854 1.58439016 [372] ProcessGPO: No client-side extensions for this object.
00000855 1.58440363 [372]
00000856 1.58540010 [372] USERENV(174.fc8) 10:08:29:638
00000857 1.58541763 [372] ProcessGPO: GPO Policy Updates doesn't contain any data since the version number is 0. It will be skipped.
00000858 1.58543122 [372]
00000859 1.58644283 [372] USERENV(174.fc8) 10:08:29:638
00000860 1.58645928 [372] ProcessGPO: ==============================
00000861 1.58647275 [372]
00000862 1.58768916 [372] USERENV(174.fc8) 10:08:29:638
00000863 1.58770525 [372] GetGPOInfo: GPO Local Group Policy doesn't contain any data since the version number is 0. It will be skipped.
00000864 1.58771873 [372]
00000865 1.58902538 [372] USERENV(174.fc8) 10:08:29:638
00000866 1.58904147 [372] GetGPOInfo: Leaving with 1
00000867 1.58905530 [372]
00000868 1.59003806 [372] USERENV(174.fc8) 10:08:29:638
00000869 1.59005463 [372] GetGPOInfo: ********************************
00000870 1.59007621 [372]
00000871 1.59112954 [372] USERENV(174.fc8) 10:08:29:638
00000872 1.59114754 [372] ReadMembershipList: Old count 62 is different from current count 61
00000873 1.59116101 [372]
00000874 1.60255682 [372] USERENV(174.fc8) 10:08:29:653
00000875 1.60256553 [372] ReadMembershipList: Old count 62 is different from current count 61
00000876 1.60258937 [372]
00000877 1.62469757 [372] USERENV(174.fc8) 10:08:29:668
00000878 1.62471342 [372] ProcessGPOs: Logging Data for Target <qcadmin>.
00000879 1.62472713 [372]
00000880 1.62958944 [372] USERENV(174.fc8) 10:08:29:684
00000881 1.62961113 [372] GetWbemServices: CoCreateInstance succeeded
00000882 1.62962627 [372]
00000883 1.68679500 [372] USERENV(174.fc8) 10:08:29:730
00000884 1.68681622 [372] ConnectToNameSpace: ConnectServer returned 0x0
00000885 1.68683076 [372]
00000886 1.69945884 [372] USERENV(174.fc8) 10:08:29:746
00000887 1.69947636 [372] CSessionLogger::Log: logging new security grps
00000888 1.69948983 [372]
00000889 1.70817351 [372] USERENV(174.fc8) 10:08:29:761
00000890 1.71334302 [372] ProcessGPOs: Logged Rsop Session successfully.
00000891 1.71348500 [372]
00000892 1.71443367 [372] USERENV(174.fc8) 10:08:29:761
00000893 1.71445143 [372] ProcessGPOs: OpenThreadToken failed with error 1008, assuming thread is not impersonating
00000894 1.71446502 [372]
00000895 1.71548951 [372] USERENV(174.fc8) 10:08:29:761
00000896 1.71550953 [372] ProcessGPOs: -----------------------
00000897 1.71556842 [372]
00000898 1.71657550 [372] USERENV(174.fc8) 10:08:29:761
00000899 1.71658826 [372] ProcessGPOs: Processing extension Registry
00000900 1.71660280 [372]
00000901 1.71760631 [372] USERENV(174.fc8) 10:08:29:761
00000902 1.71762204 [372] ReadStatus: Read Extension's Previous status successfully.
00000903 1.71763563 [372]
00000904 1.71867502 [372] USERENV(174.fc8) 10:08:29:761
00000905 1.71869099 [372] CompareGPOLists: The lists are the same.
00000906 1.71870410 [372]
00000907 1.71966791 [372] USERENV(174.fc8) 10:08:29:761
00000908 1.71968472 [372] ProcessGPOList: Entering for extension Registry
00000909 1.71969783 [372]
00000910 1.72068894 [372] USERENV(174.fc8) 10:08:29:761
00000911 1.72070539 [372] UserPolicyCallback: Setting status UI to Applying Registry policy...
00000912 1.72071862 [372]
00000913 1.73852789 [372] USERENV(174.fc8) 10:08:29:792
00000914 1.73853421 [372] LogExtSessionStatus: Successfully logged Extension Session data
00000915 1.73855257 [372]
00000916 1.73958039 [372] USERENV(174.fc8) 10:08:29:792
00000917 1.73959780 [372] EnterCriticalPolicySectionEx: Entering with timeout 60000 and flags 0x2
00000918 1.73961127 [372]
00000919 1.74056959 [372] USERENV(174.fc8) 10:08:29:792
00000920 1.74058747 [372] EnterCriticalPolicySectionEx: User critical section has been claimed. Handle = 0x904
00000921 1.74060071 [372]
00000922 1.74156415 [372] USERENV(174.fc8) 10:08:29:792
00000923 1.74158382 [372] EnterCriticalPolicySectionEx: Leaving successfully.
00000924 1.74159729 [372]
00000925 1.74261165 [372] USERENV(174.fc8) 10:08:29:792
00000926 1.74303365 [372] ResetPolicies: Entering.
00000927 1.74304795 [372]
00000928 1.74403012 [372] USERENV(174.fc8) 10:08:29:792
00000929 1.74404764 [372] SetRegPermissionsOnPoliciesKey: Resetting permission on the policy key
00000930 1.74406087 [372]
00000931 1.74506807 [372] USERENV(174.fc8) 10:08:29:792
00000932 1.74508512 [372] SetRegPermissionsOnPoliciesKey: Resetting permission on the policy key
00000933 1.74511099 [372]
00000934 1.74611151 [372] USERENV(174.fc8) 10:08:29:792
00000935 1.74612868 [372] ParseRegistryFile: Entering with <C>.
00000936 1.74614191 [372]
00000937 1.77417326 [372] USERENV(174.fc8) 10:08:29:807
00000938 1.77434814 [372] DeleteRegistryValue: Deleted Software\Policies\Microsoft\Office\11.0\Outlook\Display Types\TimetoShowRPCMessageHighBandwidth
00000939 1.77470374 [372]
00000940 1.77545059 [372] USERENV(174.fc8) 10:08:29:823
00000941 1.77546799 [372] DeleteRegistryValue: Deleted Software\Policies\Microsoft\Office\11.0\Outlook\Display Types\TimetoShowRPCMessageLowBandwidth
00000942 1.77548099 [372]
00000943 1.77655625 [372] USERENV(174.fc8) 10:08:29:823
00000944 1.77657354 [372] DeleteRegistryValue: Deleted Software\Policies\Microsoft\Office\11.0\Outlook\Display Types\TimeToUpdateTrayIconHighBandwidth
00000945 1.77658689 [372]
00000946 1.77770460 [372] USERENV(174.fc8) 10:08:29:823
00000947 1.77772224 [372] DeleteRegistryValue: Deleted Software\Policies\Microsoft\Office\11.0\Outlook\Display Types\TimeToUpdateTrayIconLowBandwidth
00000948 1.77773571 [372]
00000949 1.77887261 [372] USERENV(174.fc8) 10:08:29:823
00000950 1.77889073 [372] DeleteRegistryValue: Deleted Software\Policies\Microsoft\Office\11.0\Outlook\Options\Calendar\Internet Free/Busy\Lock FB Range
00000951 1.77890420 [372]
00000952 1.78002691 [372] USERENV(174.fc8) 10:08:29:823
00000953 1.78004313 [372] DeleteRegistryValue: Deleted Software\Policies\Microsoft\Office\11.0\Outlook\Preferences\FBPublishRange
00000954 1.78005683 [372]
00000955 1.78122282 [372] USERENV(174.fc8) 10:08:29:823
00000956 1.78124034 [372] DeleteRegistryValue: Deleted Software\Policies\Microsoft\Office\11.0\Outlook\Preferences\FBUpdateSecs
00000957 1.78125370 [372]
00000958 1.78243017 [372] USERENV(174.fc8) 10:08:29:823
00000959 1.78244734 [372] DeleteRegistryValue: Deleted Software\Policies\Microsoft\Windows\Control Panel\Desktop\ScreenSaveActive
00000960 1.78246069 [372]
00000961 1.78368127 [372] USERENV(174.fc8) 10:08:29:823
00000962 1.78369856 [372] DeleteRegistryValue: Deleted Software\Policies\Microsoft\Windows\Control Panel\Desktop\ScreenSaveTimeOut
00000963 1.78371203 [372]
00000964 1.78478694 [372] USERENV(174.fc8) 10:08:29:838
00000965 1.78481126 [372] DeleteRegistryValue: Deleted Software\Policies\Microsoft\Windows\Control Panel\Desktop\ScreenSaverIsSecure
00000966 1.78483355 [372]
00000967 1.78594220 [372] USERENV(174.fc8) 10:08:29:838
00000968 1.78595912 [372] DeleteRegistryValue: Deleted Software\Policies\Microsoft\Windows\Control Panel\Desktop\SCRNSAVE.EXE
00000969 1.78597260 [372]
00000970 1.78696680 [372] USERENV(174.fc8) 10:08:29:838
00000971 1.78698289 [372] ParseRegistryFile: Leaving.
00000972 1.78699636 [372]
00000973 1.78803110 [372] USERENV(174.fc8) 10:08:29:838
00000974 1.78804767 [372] ResetPolicies: resetting shell autorun value for server.
00000975 1.78806102 [372]
00000976 1.78905976 [372] USERENV(174.fc8) 10:08:29:838
00000977 1.78907537 [372] ResetPolicies: Leaving.
00000978 1.78908849 [372]
00000979 1.79035497 [372] USERENV(174.fc8) 10:08:29:838
00000980 1.79037380 [372] ParseRegistryFile: Entering with <Corp>.
00000981 1.79038727 [372]
00000982 1.79359114 [372] USERENV(174.fc8) 10:08:29:838
00000983 1.79362094 [372] SetRegistryValue: TimetoShowRPCMessageHighBandwidth => 60000 [OK]
00000984 1.79364192 [372]
00000985 1.79480302 [372] USERENV(174.fc8) 10:08:29:838
00000986 1.79481947 [372] SetRegistryValue: TimetoShowRPCMessageLowBandwidth => 120000 [OK]
00000987 1.79483294 [372]
00000988 1.79604971 [372] USERENV(174.fc8) 10:08:29:838
00000989 1.79607058 [372] SetRegistryValue: TimeToUpdateTrayIconHighBandwidth => 15000 [OK]
00000990 1.79609275 [372]
00000991 1.79739988 [372] USERENV(174.fc8) 10:08:29:838
00000992 1.79742324 [372] SetRegistryValue: TimeToUpdateTrayIconLowBandwidth => 30000 [OK]
00000993 1.79745007 [372]
00000994 1.79879069 [372] USERENV(174.fc8) 10:08:29:838
00000995 1.79881942 [372] SetRegistryValue: Lock FB Range => 0 [OK]
00000996 1.79885018 [372]
00000997 1.80016673 [372] USERENV(174.fc8) 10:08:29:854
00000998 1.80018973 [372] SetRegistryValue: FBPublishRange => 8 [OK]
00000999 1.80021143 [372]
00001000 1.80146015 [372] USERENV(174.fc8) 10:08:29:854
00001001 1.80148160 [372] SetRegistryValue: FBUpdateSecs => 900 [OK]
00001002 1.80150390 [372]
00001003 1.80262721 [372] USERENV(174.fc8) 10:08:29:854
00001004 1.80264843 [372] ParseRegistryFile: Leaving.
00001005 1.80266953 [372]
00001006 1.81066144 [372] USERENV(174.fc8) 10:08:29:854
00001007 1.81068754 [372] AllocAdmFileInfo: Adding File name <Corp> to the Adm list.
00001008 1.81070864 [372]
00001009 1.81723404 [372] USERENV(174.fc8) 10:08:29:869
00001010 1.81725180 [372] AllocAdmFileInfo: Adding File name <Corp> to the Adm list.
00001011 1.81726551 [372]
00001012 1.82036209 [372] USERENV(174.fc8) 10:08:29:869
00001013 1.82037950 [372] AllocAdmFileInfo: Adding File name <Corp> to the Adm list.
00001014 1.82039309 [372]
00001015 1.82350600 [372] USERENV(174.fc8) 10:08:29:869
00001016 1.82352364 [372] AllocAdmFileInfo: Adding File name <Corp> to the Adm list.
00001017 1.82353699 [372]
00001018 1.82667959 [372] USERENV(174.fc8) 10:08:29:869
00001019 1.82669723 [372] AllocAdmFileInfo: Adding File name <Corp> to the Adm list.
00001020 1.82671058 [372]
00001021 1.82956016 [372] USERENV(174.fc8) 10:08:29:869
00001022 1.82957804 [372] AllocAdmFileInfo: Adding File name <Corp> to the Adm list.
00001023 1.82959127 [372]
00001024 1.83061421 [372] USERENV(174.fc8) 10:08:29:869
00001025 1.83063209 [372] ParseRegistryFile: Entering with <Corp>.
00001026 1.83064532 [372]
00001027 1.83357966 [372] USERENV(174.fc8) 10:08:29:885
00001028 1.83359551 [372] SetRegistryValue: ScreenSaveActive => 1 [OK]
00001029 1.83360922 [372]
00001030 1.83471906 [372] USERENV(174.fc8) 10:08:29:885
00001031 1.83473480 [372] SetRegistryValue: ScreenSaveTimeOut => 600 [OK]
00001032 1.83474827 [372]
00001033 1.83586323 [372] USERENV(174.fc8) 10:08:29:885
00001034 1.83587921 [372] SetRegistryValue: ScreenSaverIsSecure => 1 [OK]
00001035 1.83589351 [372]
00001036 1.83699119 [372] USERENV(174.fc8) 10:08:29:885
00001037 1.83700871 [372] SetRegistryValue: SCRNSAVE.EXE => %SYSTEMROOT%\system32\logon.scr [OK]
00001038 1.83702230 [372]
00001039 1.83804607 [372] USERENV(174.fc8) 10:08:29:885
00001040 1.83806205 [372] ParseRegistryFile: Leaving.
00001041 1.83807540 [372]
00001042 1.84351349 [372] USERENV(174.fc8) 10:08:29:885
00001043 1.84353077 [372] AllocAdmFileInfo: Adding File name <Corp> to the Adm list.
00001044 1.84354413 [372]
00001045 1.84641683 [372] USERENV(174.fc8) 10:08:29:885
00001046 1.84643435 [372] AllocAdmFileInfo: Adding File name <Corp> to the Adm list.
00001047 1.84644794 [372]
00001048 1.84930539 [372] USERENV(174.fc8) 10:08:29:900
00001049 1.84932292 [372] AllocAdmFileInfo: Adding File name <Corp> to the Adm list.
00001050 1.84933639 [372]
00001051 1.85245383 [372] USERENV(174.fc8) 10:08:29:900
00001052 1.85247135 [372] AllocAdmFileInfo: Adding File name <Corp> to the Adm list.
00001053 1.85248482 [372]
00001054 1.85541332 [372] USERENV(174.fc8) 10:08:29:900
00001055 1.85543060 [372] AllocAdmFileInfo: Adding File name <Corp> to the Adm list.
00001056 1.85544395 [372]
00001057 1.94162667 [372] USERENV(174.fc8) 10:08:29:993
00001058 1.94165206 [372] LogRegistry RsopData: Successfully logged registry Rsop data
00001059 1.94166887 [372]
00001060 1.95011461 [372] USERENV(174.fc8) 10:08:29:993
00001061 1.95013702 [372] CAdmFileLogger::Log: Logging \\Corp.company.net\sysvol\Corp.company.net\Policies\{0F9971EC-6E33-43BE-92E4-21A621B5AEF2}\Adm\wuau.adm
00001062 1.95015240 [372]
00001063 1.95168185 [372] USERENV(174.fc8) 10:08:29:993
00001064 1.95169961 [372] CAdmFileLogger::Log: Logging \\Corp.company.net\sysvol\Corp.company.net\Policies\{0F9971EC-6E33-43BE-92E4-21A621B5AEF2}\Adm\wmplayer.adm
00001065 1.95171309 [372]
00001066 1.95326507 [372] USERENV(174.fc8) 10:08:29:993
00001067 1.95328033 [372] CAdmFileLogger::Log: Logging \\Corp.company.net\sysvol\Corp.company.net\Policies\{0F9971EC-6E33-43BE-92E4-21A621B5AEF2}\Adm\system.adm
00001068 1.95329332 [372]
00001069 1.95482695 [372] USERENV(174.fc8) 10:08:29:993
00001070 1.95484233 [372] CAdmFileLogger::Log: Logging \\Corp.company.net\sysvol\Corp.company.net\Policies\{0F9971EC-6E33-43BE-92E4-21A621B5AEF2}\Adm\inetres.adm
00001071 1.95485914 [372]
00001072 1.95644569 [372] USERENV(174.fc8) 10:08:30:008
00001073 1.95646143 [372] CAdmFileLogger::Log: Logging \\Corp.company.net\sysvol\Corp.company.net\Policies\{0F9971EC-6E33-43BE-92E4-21A621B5AEF2}\Adm\conf.adm
00001074 1.95647478 [372]
00001075 1.95805860 [372] USERENV(174.fc8) 10:08:30:008
00001076 1.95807397 [372] CAdmFileLogger::Log: Logging \\Corp.company.net\SysVol\Corp.company.net\Policies\{74692FFF-D0A0-43D8-895F-E5B5A73E7D98}\Adm\wuau.adm
00001077 1.95808733 [372]
00001078 1.95967376 [372] USERENV(174.fc8) 10:08:30:008
00001079 1.95968962 [372] CAdmFileLogger::Log: Logging \\Corp.company.net\SysVol\Corp.company.net\Policies\{74692FFF-D0A0-43D8-895F-E5B5A73E7D98}\Adm\wmplayer.adm
00001080 1.95970273 [372]
00001081 1.96124756 [372] USERENV(174.fc8) 10:08:30:008
00001082 1.96126294 [372] CAdmFileLogger::Log: Logging \\Corp.company.net\SysVol\Corp.company.net\Policies\{74692FFF-D0A0-43D8-895F-E5B5A73E7D98}\Adm\system.adm
00001083 1.96127605 [372]
00001084 1.96283698 [372] USERENV(174.fc8) 10:08:30:008
00001085 1.96285260 [372] CAdmFileLogger::Log: Logging \\Corp.company.net\SysVol\Corp.company.net\Policies\{74692FFF-D0A0-43D8-895F-E5B5A73E7D98}\Adm\OUTLK11.ADM
00001086 1.96287799 [372]
00001087 1.96443379 [372] USERENV(174.fc8) 10:08:30:008
00001088 1.96444941 [372] CAdmFileLogger::Log: Logging \\Corp.company.net\SysVol\Corp.company.net\Policies\{74692FFF-D0A0-43D8-895F-E5B5A73E7D98}\Adm\inetres.adm
00001089 1.96446908 [372]
00001090 1.96605718 [372] USERENV(174.fc8) 10:08:30:008
00001091 1.96607256 [372] CAdmFileLogger::Log: Logging \\Corp.company.net\SysVol\Corp.company.net\Policies\{74692FFF-D0A0-43D8-895F-E5B5A73E7D98}\Adm\conf.adm
00001092 1.96608603 [372]
00001093 1.96764076 [372] USERENV(174.fc8) 10:08:30:008
00001094 1.96765494 [372] LogAdmRsopData: Successfully logged Adm data
00001095 1.96766806 [372]
00001096 1.96961129 [372] USERENV(174.fc8) 10:08:30:008
00001097 1.96962845 [372] LeaveCriticalPolicySection: Critical section 0x904 has been released.
00001098 1.96964204 [372]
00001099 1.97065401 [372] USERENV(174.fc8) 10:08:30:008
00001100 1.97067273 [372] ProcessGPOList: Extension Registry was able to log data. RsopStatus = 0x0, dwRet = 0, Clearing the dirty bit
00001101 1.97068620 [372]
00001102 1.97317111 [372] USERENV(174.fc8) 10:08:30:024
00001103 1.97318625 [372] ProcessGPOs: -----------------------
00001104 1.97320008 [372]
00001105 1.97417498 [372] USERENV(174.fc8) 10:08:30:024
00001106 1.97419202 [372] ProcessGPOs: -----------------------
00001107 1.97420549 [372]
00001108 1.97519207 [372] USERENV(174.fc8) 10:08:30:024
00001109 1.97522736 [372] ProcessGPOs: Processing extension Wireless Group Policy
00001110 1.97525251 [372]
00001111 1.97625184 [372] USERENV(174.fc8) 10:08:30:024
00001112 1.97626555 [372] CompareGPOLists: The lists are the same.
00001113 1.97627902 [372]
00001114 1.97727025 [372] USERENV(174.fc8) 10:08:30:024
00001115 1.97728753 [372] ProcessGPOs: Extension Wireless Group Policy skipped with flags 0x6.
00001116 1.97730100 [372]
00001117 1.97838080 [372] USERENV(174.fc8) 10:08:30:024
00001118 1.97839653 [372] ProcessGPOs: -----------------------
00001119 1.97840953 [372]
00001120 1.97941041 [372] USERENV(174.fc8) 10:08:30:024
00001121 1.97942722 [372] ProcessGPOs: Processing extension Folder Redirection
00001122 1.97944033 [372]
00001123 1.98047006 [372] USERENV(174.fc8) 10:08:30:024
00001124 1.98048639 [372] CompareGPOLists: The lists are the same.
00001125 1.98049998 [372]
00001126 1.98145771 [372] USERENV(174.fc8) 10:08:30:024
00001127 1.98147392 [372] CompareGPOLists: The lists are the same.
00001128 1.98148727 [372]
00001129 1.98248410 [372] USERENV(174.fc8) 10:08:30:024
00001130 1.98250198 [372] ProcessGPOs: Extension Folder Redirection skipped because both deleted and changed GPO lists are empty.
00001131 1.98252702 [372]
00001132 1.99602234 [372] USERENV(174.fc8) 10:08:30:039


Last edited by miande on Wed Oct 26, 2011 11:26 am; edited 2 times in total
Wed Oct 26, 2011 11:12 am View user's profile Send private message
miande



Joined: 21 Oct 2011
Posts: 21
Country: United States

Post Reply with quote
The remaining of the log:

00001135 1.99705803 [372] USERENV(174.fc8) 10:08:30:039
00001133 1.99603891 [372] CExtSessionLogger::Delete: Failed to DeleteInstance with 0x80041002
00001134 1.99605274 [372]
00001135 1.99705803 [372] USERENV(174.fc8) 10:08:30:039
00001136 1.99707437 [372] ProcessGPOs: -----------------------
00001137 1.99708724 [372]
00001138 1.99806547 [372] USERENV(174.fc8) 10:08:30:039
00001139 1.99808156 [372] ProcessGPOs: Processing extension Microsoft Disk Quota
00001140 1.99809480 [372]
00001141 1.99907196 [372] USERENV(174.fc8) 10:08:30:039
00001142 1.99908209 [372] CompareGPOLists: The lists are the same.
00001143 1.99909818 [372]
00001144 2.00007391 [372] USERENV(174.fc8) 10:08:30:039
00001145 2.00009012 [372] ProcessGPOs: Extension Microsoft Disk Quota skipped with flags 0x6.
00001146 2.00010347 [372]
00001147 2.00103760 [372] USERENV(174.fc8) 10:08:30:039
00001148 2.00105357 [372] ProcessGPOs: -----------------------
00001149 2.00107956 [372]
00001150 2.00205398 [372] USERENV(174.fc8) 10:08:30:039
00001151 2.00206995 [372] ProcessGPOs: Processing extension QoS Packet Scheduler
00001152 2.00208306 [372]
00001153 2.00304699 [372] USERENV(174.fc8) 10:08:30:054
00001154 2.00306177 [372] CompareGPOLists: The lists are the same.
00001155 2.00307488 [372]
00001156 2.00508237 [372] USERENV(174.fc8) 10:08:30:054
00001157 2.00509906 [372] ProcessGPOs: Extension QoS Packet Scheduler skipped with flags 0x6.
00001158 2.00511241 [372]
00001159 2.00611639 [372] USERENV(174.fc8) 10:08:30:054
00001160 2.00613236 [372] ProcessGPOs: -----------------------
00001161 2.00614572 [372]
00001162 2.00710678 [372] USERENV(174.fc8) 10:08:30:054
00001163 2.00712323 [372] ProcessGPOs: Processing extension Scripts
00001164 2.00713634 [372]
00001165 2.00810122 [372] USERENV(174.fc8) 10:08:30:054
00001166 2.00811744 [372] CompareGPOLists: The lists are the same.
00001167 2.00813079 [372]
00001168 2.00906587 [372] USERENV(174.fc8) 10:08:30:054
00001169 2.00908375 [372] ProcessGPOs: Extension Scripts skipped because both deleted and changed GPO lists are empty.
00001170 2.00909686 [372]
00001171 2.01057673 [372] USERENV(174.fc8) 10:08:30:054
00001172 2.01059389 [372] CExtSessionLogger::Delete: Failed to DeleteInstance with 0x80041002
00001173 2.01060772 [372]
00001174 2.01157236 [372] USERENV(174.fc8) 10:08:30:054
00001175 2.01158738 [372] ProcessGPOs: -----------------------
00001176 2.01160026 [372]
00001177 2.01254463 [372] USERENV(174.fc8) 10:08:30:054
00001178 2.01256156 [372] ProcessGPOs: Processing extension Internet Explorer Zonemapping
00001179 2.01257515 [372]
00001180 2.01353025 [372] USERENV(174.fc8) 10:08:30:054
00001181 2.01354718 [372] CompareGPOLists: The lists are the same.
00001182 2.01356053 [372]
00001183 2.01453781 [372] USERENV(174.fc8) 10:08:30:054
00001184 2.01455474 [372] ProcessGPOs: Extension Internet Explorer Zonemapping skipped because both deleted and changed GPO lists are empty.
00001185 2.01456761 [372]
00001186 2.01594019 [372] USERENV(174.fc8) 10:08:30:054
00001187 2.01595736 [372] CExtSessionLogger::Delete: Failed to DeleteInstance with 0x80041002
00001188 2.01597047 [372]
00001189 2.01691890 [372] USERENV(174.fc8) 10:08:30:054
00001190 2.01693535 [372] ProcessGPOs: -----------------------
00001191 2.01694846 [372]
00001192 2.01791048 [372] USERENV(174.fc8) 10:08:30:054
00001193 2.01792765 [372] ProcessGPOs: Processing extension Internet Explorer User Accelerators
00001194 2.01794076 [372]
00001195 2.01891446 [372] USERENV(174.fc8) 10:08:30:070
00001196 2.01893044 [372] CompareGPOLists: The lists are the same.
00001197 2.01894379 [372]
00001198 2.01989198 [372] USERENV(174.fc8) 10:08:30:070
00001199 2.01990914 [372] ProcessGPOs: Extension Internet Explorer User Accelerators skipped because both deleted and changed GPO lists are empty.
00001200 2.01992226 [372]
00001201 2.02138901 [372] USERENV(174.fc8) 10:08:30:070
00001202 2.02140474 [372] CExtSessionLogger::Delete: Failed to DeleteInstance with 0x80041002
00001203 2.02141809 [372]
00001204 2.02238154 [372] USERENV(174.fc8) 10:08:30:070
00001205 2.02239728 [372] ProcessGPOs: -----------------------
00001206 2.02241039 [372]
00001207 2.02336717 [372] USERENV(174.fc8) 10:08:30:070
00001208 2.02338338 [372] ProcessGPOs: Processing extension Security
00001209 2.02339697 [372]
00001210 2.02435565 [372] USERENV(174.fc8) 10:08:30:070
00001211 2.02437162 [372] CompareGPOLists: The lists are the same.
00001212 2.02438474 [372]
00001213 2.02533126 [372] USERENV(174.fc8) 10:08:30:070
00001214 2.02534819 [372] ProcessGPOs: Extension Security skipped with flags 0x6.
00001215 2.02536130 [372]
00001216 2.02630782 [372] USERENV(174.fc8) 10:08:30:070
00001217 2.02632403 [372] ProcessGPOs: -----------------------
00001218 2.02633715 [372]
00001219 2.02729416 [372] USERENV(174.fc8) 10:08:30:070
00001220 2.02731133 [372] ProcessGPOs: Processing extension Internet Explorer Branding
00001221 2.02732444 [372]
00001222 2.02829146 [372] USERENV(174.fc8) 10:08:30:070
00001223 2.02830791 [372] CompareGPOLists: The lists are the same.
00001224 2.02832127 [372]
00001225 2.02927423 [372] USERENV(174.fc8) 10:08:30:070
00001226 2.02929211 [372] ProcessGPOs: Extension Internet Explorer Branding skipped because both deleted and changed GPO lists are empty.
00001227 2.02930522 [372]
00001228 2.03073025 [372] USERENV(174.fc8) 10:08:30:070
00001229 2.03074384 [372] CExtSessionLogger::Delete: Failed to DeleteInstance with 0x80041002
00001230 2.03075695 [372]
00001231 2.03170705 [372] USERENV(174.fc8) 10:08:30:070
00001232 2.03172350 [372] ProcessGPOs: -----------------------
00001233 2.03173661 [372]
00001234 2.03267670 [372] USERENV(174.fc8) 10:08:30:070
00001235 2.03269339 [372] ProcessGPOs: Processing extension EFS recovery
00001236 2.03270626 [372]
00001237 2.03367519 [372] USERENV(174.fc8) 10:08:30:070
00001238 2.03369117 [372] CompareGPOLists: The lists are the same.
00001239 2.03370428 [372]
00001240 2.03465748 [372] USERENV(174.fc8) 10:08:30:085
00001241 2.03467464 [372] ProcessGPOs: Extension EFS recovery skipped with flags 0x6.
00001242 2.03468800 [372]
00001243 2.03563380 [372] USERENV(174.fc8) 10:08:30:085
00001244 2.03564978 [372] ProcessGPOs: -----------------------
00001245 2.03566289 [372]
00001246 2.03660536 [372] USERENV(174.fc8) 10:08:30:085
00001247 2.03662181 [372] ProcessGPOs: Processing extension Microsoft Offline Files
00001248 2.03663516 [372]
00001249 2.03759003 [372] USERENV(174.fc8) 10:08:30:085
00001250 2.03760624 [372] CompareGPOLists: The lists are the same.
00001251 2.03761959 [372]
00001252 2.03854871 [372] USERENV(174.fc8) 10:08:30:085
00001253 2.03856659 [372] ProcessGPOs: Extension Microsoft Offline Files skipped with flags 0x6.
00001254 2.03858018 [372]
00001255 2.03951812 [372] USERENV(174.fc8) 10:08:30:085
00001256 2.03953481 [372] ProcessGPOs: -----------------------
00001257 2.03954768 [372]
00001258 2.04048824 [372] USERENV(174.fc8) 10:08:30:085
00001259 2.04050493 [372] ProcessGPOs: Processing extension Software Installation
00001260 2.04051900 [372]
00001261 2.04148722 [372] USERENV(174.fc8) 10:08:30:085
00001262 2.04151011 [372] CompareGPOLists: The lists are the same.
00001263 2.04152489 [372]
00001264 2.04264712 [372] USERENV(174.fc8) 10:08:30:085
00001265 2.04266334 [372] CompareGPOLists: The lists are the same.
00001266 2.04267645 [372]
00001267 2.04361963 [372] USERENV(174.fc8) 10:08:30:085
00001268 2.04363775 [372] ProcessGPOs: Extension Software Installation skipped because both deleted and changed GPO lists are empty.
00001269 2.04365087 [372]
00001270 2.04503012 [372] USERENV(174.fc8) 10:08:30:085
00001271 2.04504704 [372] CExtSessionLogger::Delete: Failed to DeleteInstance with 0x80041002
00001272 2.04506016 [372]
00001273 2.04599428 [372] USERENV(174.fc8) 10:08:30:085
00001274 2.04601073 [372] ProcessGPOs: -----------------------
00001275 2.04602385 [372]
00001276 2.04697609 [372] USERENV(174.fc8) 10:08:30:085
00001277 2.04699373 [372] ProcessGPOs: Processing extension Internet Explorer Machine Accelerators
00001278 2.04700685 [372]
00001279 2.04795265 [372] USERENV(174.fc8) 10:08:30:085
00001280 2.04796863 [372] CompareGPOLists: The lists are the same.
00001281 2.04798174 [372]
00001282 2.04893780 [372] USERENV(174.fc8) 10:08:30:085
00001283 2.04895473 [372] ProcessGPOs: Extension Internet Explorer Machine Accelerators skipped because both deleted and changed GPO lists are empty.
00001284 2.04896808 [372]
00001285 2.05034137 [372] USERENV(174.fc8) 10:08:30:101
00001286 2.05035949 [372] CExtSessionLogger::Delete: Failed to DeleteInstance with 0x80041002
00001287 2.05037141 [372]
00001288 2.05132937 [372] USERENV(174.fc8) 10:08:30:101
00001289 2.05137873 [372] ProcessGPOs: -----------------------
00001290 2.05140305 [372]
00001291 2.05235624 [372] USERENV(174.fc8) 10:08:30:101
00001292 2.05237150 [372] ProcessGPOs: Processing extension IP Security
00001293 2.05238485 [372]
00001294 2.05334783 [372] USERENV(174.fc8) 10:08:30:101
00001295 2.05337334 [372] CompareGPOLists: The lists are the same.
00001296 2.05338883 [372]
00001297 2.05437613 [372] USERENV(174.fc8) 10:08:30:101
00001298 2.05439281 [372] ProcessGPOs: Extension IP Security skipped with flags 0x6.
00001299 2.05440640 [372]
00001300 2.05538344 [372] USERENV(174.fc8) 10:08:30:101
00001301 2.05539966 [372] SetFgRefreshInfo: Previous User Fg policy Synchronous, Reason: SKU.
00001302 2.05541277 [372]
00001303 2.05636787 [372] USERENV(174.fc8) 10:08:30:101
00001304 2.05638409 [372] SetFgRefreshInfo: Next User Fg policy Synchronous, Reason: SKU.
00001305 2.05639720 [372]
00001306 2.05756116 [372] USERENV(174.fc8) 10:08:30:101
00001307 2.05757666 [372] LeaveCriticalPolicySection: Critical section 0x87c has been released.
00001308 2.05759001 [372]
00001309 2.05863333 [372] USERENV(174.fc8) 10:08:30:101
00001310 2.05864644 [372] ProcessGPOs: User Group Policy has been applied.
00001311 2.05868888 [372]
00001312 2.05965090 [372] USERENV(174.fc8) 10:08:30:101
00001313 2.05966735 [372] ProcessGPOs: Leaving with 1.
00001314 2.05968070 [372]
00001315 2.06001067 [372] USERENV(174.fd8) 10:08:30:101
00001316 2.06004071 [372] PolicyChangedThread: Calling UpdateUser with 0.
00001317 2.06006050 [372]
00001318 2.06118798 [372] USERENV(174.fd8) 10:08:30:101
00001319 2.06120801 [372] USERENV(174.fc8) 10:08:30:101
00001320 2.06121922 [372] USERENV(174.fdc) 10:08:30:101
00001321 2.06124020 [372] PolicyChangedThread: Broadcast message for 0.
00001322 2.06125569 [372] ApplyGroupPolicy: Leaving successfully.
00001323 2.06126642 [372] GPOThread: Next refresh will happen in 118 minutes
00001324 2.06171918 [372]
00001325 2.06173778 [372]
00001326 2.06175399 [372]
00001327 2.08966637 [180] USERENV(b4.bc) 10:08:30:132
00001328 2.08969426 [180] LibMain: Process Name: C:\WINDOWS\system32\userinit.exe
00001329 2.08971524 [180]
00001330 2.09595537 [372] USERENV(174.fd8) 10:08:30:132
00001331 2.09596109 [372] PolicyChangedThread: Leaving
00001332 2.09597611 [372]
00001333 2.12982464 [372] SNACNP::NPGetCaps::WNNC_NET_TYPE
00001334 2.12987614 [372] SNACNP::NPGetCaps::WNNC_USER
00001335 2.12992978 [372] SNACNP::NPGetCaps::WNNC_CONNECTION
00001336 2.12998247 [372] SNACNP::NPGetCaps::WNNC_ENUMERATION
00001337 2.13003516 [372] SNACNP::NPGetCaps::WNNC_ADMIN
00001338 2.13008809 [372] SNACNP::NPGetCaps::WNNC_DIALOG
00001339 2.13338780 [372] USERENV(174.178) 10:08:30:178
00001340 2.13342834 [372] IsSyncForegroundPolicyRefresh: Synchronous, Reason: policy set to SYNC
00001341 2.13349557 [372]
00001342 2.14651012 [324] USERENV(144.150) 10:08:30:193
00001343 2.14652729 [324] LibMain: Process Name: C:\WINDOWS\system32\userinit.exe
00001344 2.14654708 [324]
00001345 2.15309978 [432] USERENV(1b0.1c4) 10:08:30:193
00001346 2.15312266 [432] ImpersonateUser: Failed to impersonate user with 5.
00001347 2.15313959 [432]
00001348 2.15408301 [432] USERENV(1b0.1c4) 10:08:30:193
00001349 2.15410423 [432] GetUserNameAndDomain Failed to impersonate user
00001350 2.15412068 [432]
00001351 2.15539408 [432] USERENV(1b0.1c4) 10:08:30:193
00001352 2.15541601 [432] ImpersonateUser: Failed to impersonate user with 5.
00001353 2.15543270 [432]
00001354 2.15630817 [432] USERENV(1b0.1c4) 10:08:30:193
00001355 2.15633059 [432] GetUserDNSDomainName: Failed to impersonate user
00001356 2.15634704 [432]
00001357 2.15800643 [432] USERENV(1b0.1c4) 10:08:30:193
00001358 2.15802813 [432] ImpersonateUser: Failed to impersonate user with 5.
00001359 2.15804482 [432]
00001360 2.15895867 [432] USERENV(1b0.1c4) 10:08:30:193
00001361 2.15897965 [432] GetUserNameAndDomain Failed to impersonate user
00001362 2.15899611 [432]
00001363 2.16021967 [432] USERENV(1b0.1c4) 10:08:30:209
00001364 2.16024160 [432] ImpersonateUser: Failed to impersonate user with 5.
00001365 2.16025829 [432]
00001366 2.16111445 [432] USERENV(1b0.1c4) 10:08:30:209
00001367 2.16113544 [432] GetUserDNSDomainName: Failed to impersonate user
00001368 2.16115165 [432]
00001369 2.16996455 [432] USERENV(1b0.1c4) 10:08:30:209
00001370 2.16998649 [432] ImpersonateUser: Failed to impersonate user with 5.
00001371 2.17003036 [432]
00001372 2.17111444 [432] USERENV(1b0.1c4) 10:08:30:209
00001373 2.17113137 [432] GetUserNameAndDomain Failed to impersonate user
00001374 2.17114568 [432]
00001375 2.17262626 [432] USERENV(1b0.1c4) 10:08:30:209
00001376 2.17264318 [432] ImpersonateUser: Failed to impersonate user with 5.
00001377 2.17265749 [432]
00001378 2.17363548 [432] USERENV(1b0.1c4) 10:08:30:209
00001379 2.17365289 [432] GetUserDNSDomainName: Failed to impersonate user
00001380 2.17366695 [432]
00001381 2.33458614 [344] USERENV(158.1f8) 10:08:30:379
00001382 2.33461499 [344] LibMain: Process Name: C:\WINDOWS\Explorer.EXE
00001383 2.33463120 [344]
00001384 2.39071631 [344] USERENV(158.1f8) 10:08:30:425
00001385 2.39074254 [344] GetProfileType: Profile already loaded.
00001386 2.39075756 [344]
00001387 2.39292002 [344] USERENV(158.1f8) 10:08:30:425
00001388 2.39293742 [344] GetProfileType: ProfileFlags is 0
00001389 2.39295077 [344]
00001390 2.39444995 [344] USERENV(158.1f8) 10:08:30:440
00001391 2.39447212 [344] GetProfileType: Profile already loaded.
00001392 2.39502740 [344]
00001393 2.39548397 [344] USERENV(158.1f8) 10:08:30:440
00001394 2.39556170 [344] GetProfileType: ProfileFlags is 0
00001395 2.39605498 [344]
00001396 2.39608192 [344] USERENV(158.14c) 10:08:30:440
00001397 2.39610124 [344] GetProfileType: Profile already loaded.
00001398 2.39618945 [344]
00001399 2.39621377 [344] USERENV(158.14c) 10:08:30:440
00001400 2.39623213 [344] GetProfileType: ProfileFlags is 0
00001401 2.39707780 [344]
00001402 2.46443963 [548] USERENV(224.454) 10:08:30:502
00001403 2.46446466 [548] LibMain: Process Name: C:\WINDOWS\system32\ctfmon.exe
00001404 2.46448183 [548]
00001405 2.46688366 [952] USERENV(3b8.430) 10:08:30:502
00001406 2.46689725 [952] LibMain: Process Name: C:\Program Files\VMware\VMware Tools\VMwareUser.exe
00001407 2.46692657 [952]
00001408 2.47410774 [548] USERENV(224.454) 10:08:30:518
00001409 2.47412324 [548] GetProfileType: Profile already loaded.
00001410 2.47413588 [548]
00001411 2.47546864 [548] USERENV(224.454) 10:08:30:518
00001412 2.47549176 [548] GetProfileType: ProfileFlags is 0
00001413 2.47550559 [548]
00001414 2.48176408 [1092] SymNetDrvHelper: Unexpected error returned from RegQueryValueEx()
00001415 2.48183417 [548] USERENV(224.454) 10:08:30:518
00001416 2.48186922 [548] GetProfileType: Profile already loaded.
00001417 2.48299193 [548]
00001418 2.48566747 [548] USERENV(224.454) 10:08:30:518
00001419 2.48707223 [548] GetProfileType: ProfileFlags is 0
00001420 2.48723125 [548]
00001421 3.09178448 [952] USERENV(3b8.430) 10:08:31:120
00001422 3.09181356 [952] GetProfileType: Profile already loaded.
00001423 3.09182954 [952]
00001424 3.09298491 [952] USERENV(3b8.430) 10:08:31:120
00001425 3.09300137 [952] GetProfileType: ProfileFlags is 0
00001426 3.09301472 [952]
00001427 3.09461737 [952] USERENV(3b8.430) 10:08:31:120
00001428 3.09464383 [952] GetProfileType: Profile already loaded.
00001429 3.09465957 [952]
00001430 3.09567785 [952] USERENV(3b8.430) 10:08:31:120
00001431 3.09569383 [952] GetProfileType: ProfileFlags is 0
00001432 3.09570718 [952]
00001433 3.74291253 [1304] USERENV(518.6f4) 10:08:31:768
00001434 3.74294925 [1304] LibMain: Process Name: C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
00001435 3.74296737 [1304]
00001436 17.05250931 [2180] USERENV(884.888) 10:08:44:921
00001437 17.05254173 [2180] LibMain: Process Name: C:\WINDOWS\system32\userinit.exe
00001438 17.05256271 [2180]
Wed Oct 26, 2011 11:14 am View user's profile Send private message
SysOp
Site Admin


Joined: 26 Nov 2006
Posts: 6509

Post Reply with quote
This looks a bit better than the one before.

Now, is your system English based or some other language? On the Login dialog, which letters are used as accelerators? For example, when login dialog is displayed and focus is in the user name field, and you press Alt+P, does focus move to Password field?
Wed Oct 26, 2011 11:40 pm View user's profile Send private message
miande



Joined: 21 Oct 2011
Posts: 21
Country: United States

Post Reply with quote
Yes it does work as you have described.
Thu Oct 27, 2011 9:50 am View user's profile Send private message
SysOp
Site Admin


Joined: 26 Nov 2006
Posts: 6509

Post Reply with quote
Two more things please. Check what you get in the C:\logon.log file. Are there any errors?

Try logon logon.exe -u <username> -p <password> -k U X
and with invalid user or password. I want to see if the logon screen will crash or return an error message and if the invalid user name will stick.
Thu Oct 27, 2011 10:32 am View user's profile Send private message
miande



Joined: 21 Oct 2011
Posts: 21
Country: United States

Post Reply with quote
In the previous test there is nothing but success messages in the c:\logon.log:

Wed Oct 26 10:21:12 2011 Logon successful.

Working on the wrong user test...
Thu Oct 27, 2011 10:42 am View user's profile Send private message
miande



Joined: 21 Oct 2011
Posts: 21
Country: United States

Post Reply with quote
I ran the test with an invalid user and it looks the same as if i ran it with a valid user:

The Event Log says:

The Logon service was successfully sent a start control.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


Then the Event Log says:

The Logon service terminated unexpectedly. It has done this 1 time(s).

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


Then the c\logon.log says:

Thu Oct 27 09:42:47 2011 Logon successful.
Thu Oct 27, 2011 10:50 am View user's profile Send private message
SysOp
Site Admin


Joined: 26 Nov 2006
Posts: 6509

Post Reply with quote
From the logon.exe point of view, it was able to attach to the logon desktop and winstation, it found the logon dialog and it successfully send keystrokes emulating user name and password inputs followed by the Enter key. It doesn't know if these keystrokes were accepted or not.

On my test W2003K system it works just fine. I'm not sure what else is at play on your system and causing the user/password input go astray or make the logon service crash while processing them.
Fri Oct 28, 2011 1:16 am View user's profile Send private message
miande



Joined: 21 Oct 2011
Posts: 21
Country: United States

Post Reply with quote
If it is working correctly then why is it when I put in an invalid user name and provide the wrong keystroke id (-k U X) does the c:\logon.log say that logon was successful?
Fri Oct 28, 2011 9:17 am View user's profile Send private message
SysOp
Site Admin


Joined: 26 Nov 2006
Posts: 6509

Post Reply with quote
The logon clearly fails., but the utility is not aware of that. From the utility point of view, it is able to hook the logon dialog and send user/password to it. I bet it says "logon successful" for any user/password, the message simply means the process of sending user/password to logon dialog was successful.

Something is interfering with that process, and I don't see what it is.

From your DebugView log

Quote:
00001338 2.13008809 [372] SNACNP::NPGetCaps::WNNC_DIALOG
00001339 2.13338780 [372] USERENV(174.178) 10:08:30:178
00001340 2.13342834 [372] IsSyncForegroundPolicyRefresh: Synchronous, Reason: policy set to SYNC
00001341 2.13349557 [372]
00001342 2.14651012 [324] USERENV(144.150) 10:08:30:193
00001343 2.14652729 [324] LibMain: Process Name: C:\WINDOWS\system32\userinit.exe
00001344 2.14654708 [324]
00001345 2.15309978 [432] USERENV(1b0.1c4) 10:08:30:193
00001346 2.15312266 [432] ImpersonateUser: Failed to impersonate user with 5.


So clearly the logon fails. Perhaps user/password keystrokes get blocked by some process, but then why the logon dialog disappears after that? so far I have no answer for that.
Fri Oct 28, 2011 9:40 am View user's profile Send private message
miande



Joined: 21 Oct 2011
Posts: 21
Country: United States

Post Reply with quote
The crazy thing about it is the logon dialog box never dissappears. The logon dialog box acts as if nothing has happened. It stays on the screen.
Fri Oct 28, 2011 10:42 am View user's profile Send private message
SysOp
Site Admin


Joined: 26 Nov 2006
Posts: 6509

Post Reply with quote
Aahh... that makes a difference. I thought it blinks and disappears. In that case, generated keystrokes miss the logon dialog, Dos the dialog have input focus? Does it have a blue or gray title bar?
Fri Oct 28, 2011 11:15 am View user's profile Send private message
miande



Joined: 21 Oct 2011
Posts: 21
Country: United States

Post Reply with quote
This is what it looks like:


Fri Oct 28, 2011 12:04 pm View user's profile Send private message
Display posts from previous:    
Reply to topic    SoftTree Technologies Forum Index » 24x7 Scheduler, Event Server, Automation Suite All times are GMT - 4 Hours
Goto page Previous  1, 2, 3  Next
Page 2 of 3

 
Jump to: 
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


 

 

Powered by phpBB © 2001, 2005 phpBB Group
Design by Freestyle XL / Flowers Online.